Threat Hunting Analyst and Senior Analyst (Banking Sector)

1.  Collect and analyse Indicators of Compromise (IOCs) to support the refine detection and response efforts.

2.            Validate and provide recommendations on changes to security controls to detect and / or protect against emerging security threats.

3.            Assist in evaluating the potential impact of vulnerabilities on the organization's systems and applications and provide recommendations for remediation.

4.            Investigate the existence of indicators of compromise (IoCs) to uncover hidden threats and vulnerabilities, correlate and group these Indicators of Compromise (IoCs) to determine the scope and severity of incidents over Threat Intelligence Platform (TIP) solution and assist in threat hunting activity prioritization.

5.            Assist incident response teams in understanding the nature and source of security incidents and provide guidance on containment and mitigation strategies.

6.            Conduct systematic and targeted searches across hosted and extended infrastructure according to defined hypothesis.

7.            Perform Threat Hunting activities through utilizing multiple security infrastructure, such as (but not limited to); EDR, NDR, Attack Surface Management, Endpoint AV, WAF, SOAR, TIP, Deception solution to detect tactics, techniques, and procedures (TTPs) of the tracked adversary groups.

8.            Maintain detailed records of threat hunting activities, findings, and outcomes.

9.            Assist in design use cases and rules that can detect and identify the threat according to the collected logs

10.          Perform data driven threat hunting activities while abiding to Threat Intel and Hunting frameworkds.

11.          Assist in developing hypothesis to identify potential security threats by conducting systematic and targeted searches across the network and systems.

12.          Prepare and deliver comprehensive threat hunting reports to management, highlighting findings and recommended actions

13.          Assist in designing SOC metrics, dashboards, scorecards, executive dashboards to be presented and reported based on the SOC Process document.

14.          Assist in creating threat hunting dashboards for data visualization and security posture visibility.

Requirements

Bachelor Degree of Engineering, Computer Science or equivalent.

             Minimum 3 - 5 years of experience in IT, Information Security or any related fields (5 - 7 years of experience for senior)

             Experience with analysing security intelligence threats and threat actors.

             Knowledge of packet capture and analysis

             Knowledge of dynamic malware analysis, log analysis, and digital forensics

             Experience in incident response and remediation

             Very good knowledge in Operating Systems, network and application security

             Experience in EDR, FWs, WAF, NDR, SIEM and TIP solutions

             Proficiency in threat hunting tools and platforms, as well as data analysis tools

             Knowledge of cyber threat landscapes, attack vectors, and malware analysis is beneficial

             Experience with scripting languages (e.g., Python) and familiarity with automation for threat hunting tasks

             Recommended - one or more- of the below certifications :

o             CISM

o             CISSP

o             Certified Threat Hunting Professional (CCTHP)

o             GIAC Certified Incident Handler (GCIH)

o             GIAC Certified Forensic Analyst (GCFA)

Very good command of English and Arabic languages

             Very good Analytical Skills

             Good Leadership Skills

             Very good Communication skills