About the role
We are seeking an experienced and proactive Cyber Threat Hunter to strengthen our Security Operations Centre (SOC) in defending against advanced and emerging threats.
Industry: Banking. Work arrangement: Onsite.
Key Responsibilities
- Lead and execute proactive threat hunting missions across enterprise systems, leveraging hypotheses informed by adversary tradecraft, threat intelligence, and defensive data visibility.
- Apply advanced analytics, behavioral baselines, and statistical methods to large-scale log datasets to detect subtle anomalies or outliers indicating potential compromise.
- Employ and evolve cyber defense frameworks such as MITRE ATT&CK, Diamond Model, and NIST Cybersecurity Framework in daily hunting activities.
- Collaborate closely with SOC monitoring, Incident Response, and Threat Intelligence functions to operationalize hunt outcomes and strengthen detection logic.
- Develop repeatable hunting playbooks and automation routines using scripting languages such as Python, PowerShell, or similar.
- Provide technical mentorship and contribute to continuous improvement initiatives across the Cyber Defence Group.
Requirements
- 5–10 years of experience in Security Operations, Threat Hunting, or Incident Response, preferably within financial or large enterprise environments.
- Deep technical understanding of attacker TTPs, intrusion lifecycle, and lateral movement behaviors.
- Strong capability in enterprise log analytics, with proficiency in platforms such as Splunk, ELK, UEBA, or QRadar, and query languages (SPL, KQL, SQL).
- Demonstrated experience in hypothesis-driven hunting and investigative research against complex multi-domain telemetry data.
- Familiarity with MITRE ATT&CK, threat intelligence integration, malware analysis fundamentals, network forensics, and EDR/XDR platforms.
- Scripting or data analytics experience (Python, PowerShell, or equivalent).