Manager

The subjected position is for Threat Detection Engineering function under MSS-Engineering Team. This is a technical lead position who should be having working &hands on experience of 7+ years on the Threat Detection capabilities, for SIEM(LogRhythm, Forti SIEM etc.), EDR, XDR and other Security Solution from the Detection Capability perspective. The person should have strong skills on Use cases creation including MITRE, Cross & Multi Correlation, Threat Hunting Hypothesis creation, Performing Threat Hunts, Skills to drive technical POCs for different security solutions, strong understanding on MITRE framework, and Malware Analysis Skills. Should have strong skills on leading multiple technical initiatives and drives them to closure with value additions. This also includes product evaluation of new Security Solutions. New portal development skills from technical point of view.

Responsibilities

Good knowledge on the functionality of SIEM, EDR & XDR technologies.

Hands on knowledge in detection engineering services (CTI, Threat hunting, Use-Case Development, malware Analysis, Security Analysis, System Integration& RE).

Hands on experience in Developing MITRE Mapped, Cross Correlated use cases on SIEM (LogRhythm, Forti SIEM, etc.) and other security solutions.

Hands - on experience on performing Technical Product Evaluations (POC) for different Security Solution for Detection Engineering.

Hands-on experience in performing Cyber Threat Hunting using standard, Hypothesis & Situational based approaches.

Hands on experience in creating Threat Hunting Hypothesis for active APT/Threat actor groups

Good knowledge on Malware Analysis, functionality of the Malware Threat & how to create respective Detection Queries

Good understanding on Security Incident Analysis to performing deep level of analysis on major security incidents.

Should have a strong understanding of System Integration using API and other available methods.

Should have a good understanding of SOAR functionality.

Must have Strong security knowledge - Anyone certificate below is an advantage. (GIAC, CISSP, CCSK, CCSE, CISA, HBSS,NSA, Cisco Security, Security + CEH and other SIEM Vendor security certifications).

Desired Skill sets

SIEM, Use Case Development, SOAR, Malware Analysis, CTI, EDR, XDR