Threat Hunter (Proactive Detection Specialist)

Job Title: Threat Hunter (Proactive Detection Specialist)

Department: Security Operations Center (SOC)

Location : Delhi

Candidates from in and around Delhi alone are preferred

Role Summary

The Threat Hunter (Proactive Detection Specialist) is responsible for conducting proactive, hypothesis-driven threat hunting operations across the full technology stack to identify undetected adversary activity, develop detection capabilities from hunt findings, and maintain intelligence-led hunting aligned with threat actors targeting Indian critical infrastructure.

Key Responsibilities

1. Conduct continuous, hypothesis-driven threat hunting operations across the full technology stack, correlating SIEM event data, UEBA behavioural deviations, NDR network anomalies, Deception interaction logs, and ASM exposure intelligence to uncover undetected adversary presence.
2. Develop and maintain a structured threat hunting programme, hunt playbooks mapped to MITRE ATT&CK tactics, recurring hunt calendars prioritised by threat intelligence, and measurable KPIs (hunts completed, new detections created, dwell time reduction).
3. Create new detection signatures, correlation rules, UEBA models, and NDR policies directly from hunt findings, every confirmed hunt finding must produce at least one automated detection to prevent recurrence; track detection-from-hunt conversion rate.
4. Collaborate with the Deception technology administrator to design and deploy high-fidelity decoys, lures, and breadcrumbs strategically positioned based on threat intelligence and known adversary TTPs relevant to Indian government infrastructure.
5. Produce comprehensive hunt reports including hypothesis, data sources queried, analytical methodology, findings (positive and negative), new IOCs/IOAs discovered, and detection content created and present findings in weekly threat review meetings.
6. Maintain current expertise on nation-state threat actors targeting Indian critical infrastructure track campaigns, TTPs, and tooling from groups tracked by CERT-In and NCIIPC; translate intelligence into actionable hunt hypotheses within 48 hours of new advisories.

Educational Qualification

• B.Tech / M.Tech in Computer Science, Cybersecurity, or related field.

Experience Requirement

• Minimum 6 years in cybersecurity, of which at least 3 years in dedicated threat hunting or advanced threat detection roles within a SOC handling 10,000 assets.

Technical Skill Requirements

• Expert proficiency in MITRE ATT&CK framework, ability to map adversary behaviour to sub-techniques, identify detection gaps per tactic, and design hunt hypotheses covering the full kill chain from Initial Access through Exfiltration.
• Advanced skills in data analysis and scripting, SIEM hunting, SQL for data lake queries, and experience with platforms for analytical hunt documentation.
• Hands-on experience with NDR traffic analysis (full PCAP, NetFlow, DNS analytics), UEBA model interpretation, and Deception technology deployment and monitoring in production environments.

Company Website : https://innspark.in/