
Senior Threat Hunter

Next Digital Recruitment

5 - 10 years

Pune

Posted: 20/03/2026


Job Description

Position: Senior Threat Hunter


Experience: 8+ Years


Location: Pune


About the Role: We're not looking for someone who waits for alerts. We're looking for someone who assumes we are already compromised and goes hunting.

As a Senior Threat Hunter, you will proactively identify advanced threats, hidden attacker behaviours, and security blind spots across endpoint, cloud, identity, and SaaS environments. You will operate at the intersection of threat intelligence, detection engineering, and incident response, building capabilities rather than just running playbooks. This role is for someone who thinks like an adversary, moves fast, and isn't satisfied with "no alerts found" as an answer.


Responsibilities:


  • Design and run aggressive, hypothesis-driven threat hunting campaigns
  • Identify stealthy TTPs that bypass EDR, SIEM rules, and traditional detections
  • Hunt across multi-cloud, identity systems, endpoints, and network telemetry
  • Translate intelligence into detection logic and production-grade analytics
  • Break existing detection systems and make them better
  • Build reusable hunting playbooks and automation workflows
  • Reduce dwell time and close telemetry blind spots
  • Partner closely with DFIR and red team to simulate real-world attack paths
  • Mentor SOC analysts and elevate overall detection maturity

Qualifications:


  • 6+ years in cybersecurity with deep hands-on experience
  • 2-4 years in threat hunting, DFIR, red teaming, or advanced SOC roles
  • Strong command of MITRE ATT&CK and attacker tradecraft
  • Advanced query skills (KQL, SPL, SQL)
  • Experience with SIEM (Sentinel, Splunk, QRadar), EDR/XDR (CrowdStrike, Defender, SentinelOne), and cloud telemetry
  • Strong understanding of identity attacks, lateral movement, privilege escalation, persistence mechanisms
  • Ability to script in Python / PowerShell to automate investigations
  • Experience in hybrid cloud (AWS, Azure, GCP) and SaaS monitoring


Required Skills:


  • Purple team exercises
  • Adversary emulation
  • Detection engineering from scratch
  • AI-assisted detection or anomaly modelling
  • Built hunting programs in a fast-growing company


Preferred Skills:


  • You question assumptions
  • You treat normal behaviour as suspicious until proven otherwise
  • You move fast but document cleanly
  • You can explain complex attack chains to both engineers and leadership
  • You don't hide behind tools; you understand what's happening under the hood


Why This Role Is Different:

  • You won't just operate tools. You'll influence architecture.
  • You won't just investigate alerts. You'll design detections.
  • You won't just follow a SOC process. You'll help redefine it.
