Threat Hunting L2

About Company:

Our client is a trusted data center company providing end-to-end infrastructure solutions across India and international markets, known for reliability, scalability, and strong engineering expertise.

An Ideal Candidate:

An Ideal candidate should be 3+ years of experience working as a Threat Hunter L2, responsible for proactive threat detection, investigation, and mitigation, collaborating closely with SOC and IT teams while conducting continuous threat hunting and delivering actionable security insights through periodic reporting

Key Competencies:

Job Description -

· 3–5 years of experience in Threat Hunting/SOC/IR with hands-on expertise in SIEM (LogRhythm, QRadar) and EDR/XDR tools (SentinelOne, CrowdStrike).

· Perform proactive threat hunting across endpoint, network, cloud, and identity logs to detect advanced and stealthy threats.

· Develop and execute hunt hypotheses using attacker TTPs, threat intelligence, and MITRE ATT&CK framework.

· Investigate and correlate security events across SIEM, EDR/XDR, NDR, firewall, and Active Directory logs.

· Convert hunt findings into actionable detection rules and optimize SIEM queries to reduce false positives.

· Handle medium-to-complex L2 incident investigations, including lateral movement and persistence analysis.

· Conduct IOC/TTP mapping, enrichment, and validation, collaborating with SOC, DFIR, and Threat Intelligence teams.

· Possess strong knowledge of Windows/Linux internals, AD logs, network protocols (DNS, HTTP, SMB, RDP), MITRE mapping, Sigma/YARA rules, basic scripting, and strong analytical and documentation skills.