Principal Threat Hunter I On-site, Bangalore

How you will make an impact:

• Proactively analyze, document and report on potential security incidents identified in Client environments.
• Collaborate with internal and client partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets.
• Is primary POC and coordinator for clients during security events that require urgent response, containment, and remediation.
• Lead, mentor and develop other threat hunters and analysts.
• Provide security gap analysis and effectiveness assessments of security platform technologies or lack thereof to include, but not limited to SIEM, SOAR, XDR, EDR, content development collaboration solutions, network security devices (e.g., firewall/IDS/IPS), web application security, asset management, vulnerability scanners, etc.
• Be informed of new security technologies and assess them for opportunities to improve client security programs or achieve client outcomes.
• Effectively apply OSINT and client data to demonstrate risk of adversary activity and develop recommendations to reduce risk to include mitigation techniques and data to inform detection content or client policies.
• Actively solicit and collaborate with senior & principal analysts for observations to inform threat hunt activities.
• Ability to discuss security posture with multiple clients and make recommendations to better their holistic security approach.
• Lead, mentor, and influence internal teams and client counterparts as the subject matter expert.
• Develop and maintain SOP and KBs that enable effective and efficient content development, analyst understanding and response, and client action items. 

What we are looking for:

• Bachelor of Science or Master’s Degree in Cyber Security or Computer Science, Computer/software engineering, program, or other focus area applicable to this industry combined with 8+ years of experience in Incident Response, Blue Team, and/or Red Team technical operations. 
• Or equivalent education and training that is documented with certifications, performance evaluations, course diplomas, or official memorandum.
• GCFA, GCIA, GREM, GCIH, CEH, OSCP, and other relevant information security certifications
• Leadership experience with developing people or operations AND with completing projects, tasks, and problem solving.
• Experience with 3 or more of the following areas: Incident response processes, Detection Engineering, Malware analysis, Network analysis, Threat intelligence reporting and analysis, Attack and Penetration Testing, Digital Forensics, or cyber threat emulation.
• Experience with Cyber threat methodologies, including the Cyber Kill Chain, Pyramid of Pain, MITRE ATT&CK Matrix, and Diamond Model, and applying them to enterprise Cyber operations.
• Strong understanding of cybersecurity topics and current threat adversary TTPs.
• Strong understanding of Windows and Linux internals.
• Combination of skillsets covering both offensive and defensive security practices.
• Proven scripting experience with Python/PowerShell/Bash/WMIC or other languages.
• Experience with threat hunting lifecycle and application of tools.
• Expert level knowledge of security tools to include but not limited to CrowdStrike, CarbonBlack, Tanium, Splunk, Anomali, Sentinel, Vectra, and other tools highly desired.
• Expert level knowledge of tool integrations to perform data correlation and automation.
• Possession of excellent oral and written communication skills, including making clear and concise presentations to various audiences with an executive presence.

What you can expect from Optiv

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement

Optiv is an equal opportunity employer (EEO). All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.

Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.