Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
https://bayt.page.link/y9W7tSTY7ma56XR6A
Back to the job results

Lead Engineer - IT

3 days ago 2026/10/28
Other Business Support Services
Create a job alert for similar positions
Job alert turned off. You won’t receive updates for this search anymore.

Job description

Job Description:

Role:  Cyber Incident Response and Threat Hunter


Team:  Cyber Incident Response and Cyber Threat Mitigation Services


Team Overview:


The Cyber Incident Response and Threat Services (CIRTS) team is responsible for Level 2 response to all cybersecurity incidents, as well as detecting and alerting on potential future threats.  This is a dual Incident Responder and Threat Hunter function team that responds to cybersecurity problems facing our industry. 


Tools Used by Team:


  • Splunk – Used for Investigating activity as well as for Threat Hunting and Detection Engineering
  • Cisco Secure Endpoint / AMP – Endpoint Detection for Workstations
  • Trend Micro – Endpoint Detection for Servers
  • Nexthink – Workstation monitoring managed by Workplace – Used in Investigations
  • Varonis – Unstructured Data Activity and Alerting
  • Proofpoint – Email Data Lost Prevention (DLP) and Email Threat Insights
  • Trellix – Web/USB DLP
  • Cisco SecureX / ThreatGrid – Used for forensics investigations
  • Zenoss – Informational for Incident Response/Investigations
  • Imperva/Incapsula – WAF product – Used by team in investigations
  • NetScout DDOS – Used by team in investigations
  • KAPE – Desktop product – Used with Forensic Investigations

Responsibilities:


  • Respond to tickets that are either opened directly to the team in GSC, or escalated by the CDCS team.  This will include investigating activity for any malicious behavior, as well as responding to the incident, including containment, if required.
  • Using Tools, proactively look for unusual activity in our environment that may not have reached the threshold of an alert, or may not be configured for monitoring.
  • Work with other team members to identify any potential areas for improvement in our detection capabilities. 

Goals:


  • Respond to incidents in a timely and complete manner, working with other team members, where necessary to fully investigate and contain any malicious activity.  This includes investigative timelines and artifacts, as well as Incident summaries. 
  • Identify any areas for improvement in how the team collaborates with Cyber Defense, as well as any opportunities to improve our initial response either via training or automation. 
  • Build Splunk Reports and Dashboards to assist our partners (Cyber Defense, Fraud and Audit) with their projects and requirements.   
  • Use results of proactive threat hunts to build additional detection capabilities for Guardian’s cyber defense program.
Location:

This position can be based in any of the following locations:


Chennai

Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday


This job post has been translated by AI and may contain minor differences or errors.
You’ve reached the maximum limit of 15 job alerts. To create a new alert, please delete an existing one first.
Job alert created for this search. You’ll receive updates when new jobs match.
Are you sure you want to unapply?

You'll no longer be considered for this role and your application will be removed from the employer's inbox.