LTIMindtree Limited is an Indian multinational information technology services and consulting company. A subsidiary of Larsen & Toubro, the company was incorporated in 1996 and employs more than 90,000 people.
The offshore TIH Lead will work closely with Onshore & offshore team on the Threat Intelligence & hunting activities. This includes developing methodologies for Threat intelligence. Analyze, develop & disseminate indicators of compromise (IOCs),
Experience in Threat Intelligence & Hunting Experienced in discovering and gathering Threat data from intelligence feeds Prior experience of developing methodologies for threat data mining to uncover the threat actors and threat vectors Experienced in maintaining, developing, and continuously evaluating cyber threat intelligence, & threat intelligence/data sources Maintain an understanding of the overall threat landscape (cyber, malware, botnets, phishing, DDoS, physical) applicable to Carrier Collect, analyze, investigate, store, and disseminate indicators of compromise (IOCs) Regularly develop and produce written cyber, brand and threat intelligence reports Provide support to the Security Incident Response Team and SOC in the effective detection, analysis, and containment of attacks, as well as researching potential IOCs and linking to intelligence Draft, edit, and disseminate threat intelligence information/briefs to stakeholders, executive leadership, and others Monitoring of security procedures and practices; recommend optimizations and improvements when gaps are identified Collaborate with Monitoring and Incident Response team & Content Engineering team to build proactive detection logic for threat detection Assist the SOC Monitoring & IR team in analysis and resolution of Major incidents. Leverage Threat Intelligence gathered to execute Threat Hunting campaigns. Following types of Threat Hunting campaigns will be executed – Threat Indicator driven threat hunting Hypotheses driven threat hunting MITRE ATT&CK framework driven hunting campaigns Escalate true positives to Incident status and assist in relevant incident response Perform end-to-end threat hunting, developing, maturing and maintaining TTP or attack pattern detection techniques Perform the full threat hunting cycle, including recommendations for EDR detection rules Collaborate with IR team to recommend and mitigate the effects caused by an incident. Perform technical cyber security investigations on security incidents, root cause analysis and deep dive analysis of malicious artifacts, analyze threat intelligence, identify TTP and attack patterns. Help mature the Security Incident Response process to ensure it meets the needs of the global business and is adhered to. Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities.