Threat Defense Operation Lead/ Expert - RQ_384SEC_AUH
• 8-10 years of experience in SOC operations and threat hunting management.
• Experience with scripting or programming, including Perl, Python, C, C++, C#, Java, Bash/Shell, or Batch, is a plus.
• Experience working in a SOC environment.
• Experience managing o
• Oversee the day-to-day operations of the TDO activities.
• Develop threat hunting hypotheses and scenarios in accordance with the client context.
• Respond to high-priority requests for information/hunts from senior stakeholders.
• Develop relationships with CTI and IR to enhance TDO hunt capabilities.
• Provide quality control over team products; assist with drafting, editing, critiquing, and proofreading threat intelligence estimates, briefs, assessments, and memorandums.
• Conduct advanced analytic reviews, threat hunting activities and assessments.
• Manage and update TDO processes and procedures as needed.
• Work with GSOC Ops leads to identify and recommend new internal and external data sources to develop additional threat detection logic.
• Participate in the design and development of features and capabilities for threat hunting services.
• Support team members in methods to process tactical mitigations based on results of analysis and determination of threat validity.
Splunk, Symantec End Point, TrendMicro Antivirus, McAfee Web Gateway, Checkpoint Firewalls