SME - Threat Hunter

SOC Threat Hunter

Location: Hyderabad

Experience: 810 Years

We are looking for an experienced SOC Threat Hunter with strong expertise in SOC operations, SIEM management, threat detection, and incident response.

Key Skills

• 810 years of experience in a Global Security Operations Center (SOC).
• Hands-on experience with SIEM tools such as Splunk, QRadar, or ArcSight.
• Strong experience in incident triage, investigation, and threat hunting.
• Knowledge of MITRE ATT&CK framework and Cyber Kill Chain.
• Experience with Vulnerability Management tools like Tenable, Rapid7, Qualys, Nmap, and Burp Suite.
• Experience in Vulnerability Assessment & Penetration Testing (VA/PT) for infrastructure and web applications.
• Ability to analyze network, firewall, proxy, and application logs.
• Good understanding of networking and security infrastructure (routers, switches, firewalls).
• Experience with SOAR, XDR, IDS/IPS, UEBA, and threat intelligence tools.

Key Responsibilities

Security Monitoring & Threat Detection

• Monitor systems, APIs, and connectivity platforms for security threats, anomalies, and vulnerabilities.
• Manage and support SIEM environments across UAT and Production (DC/DR).
• Use SIEM, network telemetry, and behavioral analytics to detect threats.

Threat Intelligence & Incident Response

• Track zero-day vulnerabilities, APT campaigns, and emerging threats.
• Perform incident triage, investigation, containment, and recovery.
• Conduct root cause analysis and post-incident reviews.
• Coordinate with regulatory authorities like SEBI, CERT-In, and RBI when required.
• Conduct red team / blue team exercises and cyber drills.

SOC Operations & Optimization

• Manage SOC tools, dashboards, correlation rules, and alerts.
• Implement SOAR automation and detection improvements.
• Work with NOC, IT operations, and DR teams to improve security resilience.
• Ensure proper log management, forensic readiness, and compliance.

Compliance & Governance

• Support regulatory reporting and compliance requirements.
• Develop and maintain SOC policies, SOPs, runbooks, and incident response playbooks.
• Implement proactive threat hunting programs and improve SOC maturity.

Required Experience

• Minimum 6+ years of hands-on experience with IBM QRadar (administration, rule tuning, log onboarding, dashboards, AQL, DSM, correlation rules).
• Strong experience in SIEM/SOC operations, threat detection, and incident response.
• Understanding of financial services threat landscape.

Preferred Certifications

ITIL, CCNA, CEH or similar cybersecurity certifications.

Key Competencies

• Strong analytical thinking and problem-solving skills
• Good communication and coordination abilities
• Ability to manage major security incidents in regulated environments

Interested candidates can share their CV at:

annapurna.t@locuz.com