Cyber Threat Hunter at Capgemini
London, England, United Kingdom - Full Time

Start Date

Immediate

Expiry Date

05 Jun, 25

Salary

0.0

Posted On

06 Mar, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Python, Sc Clearance, Aws, Microsoft, Strategy, Languages, Security Engineering, Javascript, Penetration Testing, Inspiration, Go, Scripting, Reverse Engineering, It, Azure, Conducting, Security, Research, Design, Technology, Powershell, Forensic Analysis, Active Directory

Industry

Information Technology/IT

Description

YOUR SKILLS AND EXPERIENCE

  • Demonstrable expertise in threat hunting practices and methodologies, with experience of Threat Intelligence platforms and sources
  • Proficiency in Microsoft Sentinel and KQL and knowledge of Azure; knowledge of AWS is also desirable
  • Knowledge of Active Directory and Entra, and of endpoint operating system fundamentals
  • Experience in writing new malware and anomaly detections, knowledge of using statistical methods to find anomalies in data, and knowledge of defensive cyber-attack methodologies and frameworks
  • Thorough understanding of the network stack and the common protocols in use; comfort with scripting in languages such as PowerShell, Go, Python, JavaScript and C# is desirable
  • Experience with forensic analysis, reverse engineering, penetration testing, security engineering and other related disciplines is desirable
  • Practical use of Microsoft Sentinel and Microsoft Defender, and competence in writing complex KQL analytics and searches. Strong knowledge of the latest security threats, with the ability to prioritise them and to determine the factors that contribute to a detection’s effectiveness

Responsibilities

The role is focused on identifying current and future threats using existing systems and data, while identifying capability gaps for engineers to address. Working within the rhythm of a well-established defensive team, you will be responsible for investigating and progressing threat hunts across several systems and environments. You will have access to further capability through vulnerability analysis, adversary simulation, forensics, incident response, detection improvement, and engineering. The team’s work often sees itself involved in compromise assessments, engineering new capability, and bespoke detection builds.

Hybrid working: The places that you work from day to day will vary according to your role, your needs, and those of the business; it will be a blend of Company offices, client sites, and your home; noting that you will be unable to work at home 100% of the time.

YOUR ROLE

  • Carry out hypothesis-, intelligence- and TI-originated hunting at a regular cadence, and research the latest threats and detection opportunities that primarily affect cloud-hosted services and cloud-hosted VMs. Lead hunts using a range of sources to determine what threat actor activity may exist in the environment.
  • Apply knowledge of previous threats and attack methodologies as pivots for hunting. Review and create playbooks and threat models.
  • Assist in the investigation and escalation of incidents arising from alerts and threat activity. Develop new analytics and playbooks that result in the creation of new detection rules and analytics.