About The Position

The Security Engineer II position is responsible for proactive threat hunting and cyber threat intelligence analysis to identify emerging threats, mitigate risks, and strengthen the organization's overall security posture. This role requires advanced technical expertise in cybersecurity tools, threat detection technologies, and cyber threat intelligence analysis. The associate will collect, analyze, and disseminate cyber threat intelligence, leveraging data from OSINT (Open-Source Intelligence), threat intelligence platforms, and other sources, including SIEM and endpoint detection systems, to detect advanced persistent threats (APTs), malware, and other malicious activities. The position also requires experience working in complex environments, applying structured analysis processes, and collaborating with cross-functional teams to ensure the effective identification and mitigation of cyber threats. The base salary range for this role is $108,800 – $204,550. The base salary range depends on factors including, but not limited to, experience, skills, qualifications, relevant education, certifications, seniority, and location. The range listed is just one component of the total compensation package for employees. Other rewards vary by position and location.

Requirements

  • At least 8 years of experience in cybersecurity, with at least 5 years focused on threat intelligence analysis and cyber threat hunting.
  • Proven experience leading or mentoring CTI analysts.
  • Strong expertise in threat intelligence platforms (TIPs), SIEM tools, and endpoint detection technologies.
  • Proficiency in collecting, analyzing, and disseminating threat intelligence from OSINT, internal sources, and commercial threat feeds.
  • Hands-on experience with automated workflows, playbook development, and advanced threat hunting techniques.
  • Deep understanding of attack methodologies, APTs, malware, ransomware, and other cyber threats.
  • Familiarity with the MITRE ATT&CK framework and indicators of compromise (IoCs).
  • Ability to synthesize complex data and produce actionable, clear intelligence for both technical and non-technical audiences.
  • Strong communication skills for reporting and briefing leadership on emerging threats.
  • Experience working in large enterprise environments with complex infrastructures and multiple overlapping tools.
  • Excellent reporting and communication skills with the ability to present technical findings to varied audiences.
  • Proficiency in scripting languages such as Python and SQL for data analysis and automation.
  • Knowledge of STIX/TAXII protocols for automated sharing and ingestion of structured threat intelligence data across systems.
  • Strong understanding of dark web marketplaces, threat actor infrastructures, ransomware groups, and emerging cybercriminal tactics, techniques, and procedures (TTPs).

Nice To Haves

  • Security certifications such as CISSP, GCTI, or equivalent are highly preferred.

Responsibilities

  • Proactively hunt for advanced persistent threats (APTs), malware, and other malicious activities across networks, systems, and applications. Identify hidden threats that evade traditional security measures.
  • Synthesize large volumes of data from multiple sources to develop clear, actionable intelligence. Create detailed threat intelligence reports for technical teams and senior leadership.
  • Create, optimize, and automate detection rules and enrichment logic using scripting languages like Python and SQL.
  • Respond to escalation requests from the Helpdesk, NOC, junior analysts, or other IT representatives.
  • Contribute to the monthly Cyber Defense dashboard with relevant performance indicators and security threat assessments.
  • Develop and implement automated workflows and playbooks to streamline threat detection, analysis, and response processes, ensuring quick and effective mitigation of identified threats.
  • Map adversary behaviors using the MITRE ATT&CK framework to understand attack vectors and predict potential threats.
  • 24x7 on-call duties apply on a rotation and escalation basis.


What This Job Offers

  • Job Type: Full-time
  • Career Level: Mid Level
  • Education Level: No Education Listed
  • Number of Employees: 5,001-10,000 employees

© 2024 Teal Labs, Inc