Minimum qualifications:
- Certifications in GCIH, GCFA, GREM, CEH, CySA+, CC, etc.
- 6 years of experience in security analysis, networking, Windows, TCP/IP, and command-line interfaces.
- 6 years of experience in security operations or system/network administration.
- Experience in protocols, log analysis, security monitoring, cyber security, logging and attacks.
- Certifications in PEN-200/OSCP, GCFA, GREM, GPEN.
- Experience with log management platforms, such as Splunk or Elasticsearch/Logstash/Kibana (ELK).
- Experience with cloud infrastructure, such as Google Cloud Platform (GCP).
- Experience writing either host-based or network-based detections (e.g., Yara or Snort).
About the job
As a Threat Hunting Analyst, you will be responsible for monitoring, detecting, and responding to cyber attacks. You will focus on host and network analysis, looking for signs of intrusion, malware execution, and attacker activity. You will be part of a team of analysts who apply their security and response expertise, in conjunction with threat intelligence, to deliver a high-impact, high-value service to managed defense customers, providing actionable recommendations and compromise reports.
Google Cloud accelerates every organization's ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google's cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.
Responsibilities
- Develop and apply investigative techniques to large data sets to perform continuous hunting activities within managed defense customer environments for previously unidentified threats.
- Develop workflows and automations to reduce attacker dwell time and enhance managed defense threat hunting processes.
- Translate threat actor Tactics, Techniques, and Procedures (TTPs) into hunting analytics.
- Evaluate hunting analytic efficacy for tuning and promotion of analytics to alerting status.
- Utilize Mandiant and supported vendor technologies to conduct investigations and examine endpoint and network-based sources of evidence.