Responsible for incident response efforts, conducting comprehensive forensic investigations and proactively hunting for threats within the network and systems and remediate security incidents.

1. Monitor and analyze threat intelligence feeds, security blogs, and industry news to stay informed on emerging threats and vulnerabilities.

2. Execute digital forensics investigations for cybersecurity incidents, including data breaches, advanced persistent threats (APT), ransomware, and insider threats.

3. Utilize forensic tools and techniques to collect and analyze evidence, ensuring secure evidence handling and chain of custody for compliance with legal and regulatory standards.

4. Conduct in-depth analysis of security events from multiple sources, such as SIEM, IDS/IPS, firewall logs, endpoint detection tools, and network traffic data.

5. Develop and execute advanced threat-hunting queries and custom searches to detect malicious activities that may evade standard detection systems and improve detection rules.

6. Conduct host-based and network-based forensic analyses across various platforms, including Windows, Linux, macOS, and mobile devices.

7. Conduct initial malware analysis to assess potential risks.

8. Proactively hunt for threats in the organization’s network by identifying Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) used by adversaries.

9. Build and refine threat-hunting playbooks and runbooks to standardize and enhance threat-hunting operations.

10. Communicate findings through detailed, high-quality reports and presentations to security teams, management, and relevant stakeholders.

11. Experience with Forensic Tools such as FTK, Encase, Oxygen, Cellebrite, etc.

12. Develop the remediation strategies for compromised environments.

13. Conduct cloud incident response across Azure & AWS.

14. Utilize the MITRE ATT&CK framework to map detected threats and enhance threat-hunting capabilities.

15. Ensure timely closure of incidents in compliance with SLA requirements.