4 Ttps Jobs

You will be responsible for creating and implementing new threat detection content, rules, and use cases to deploy in the SIEM platform with different data sets such as Proxy, VPN, Firewall, DLP, etc. In addition, you will assist with process development and process improvement for Security Operations by creating/modifying SOPs, Playbooks, and Work instructions. Your role will also involve developing custom content based on threat intelligence and threat hunting results, as well as identifying gaps in the existing security controls and proposing new security controls. Your expertise in SIEM Engineering and knowledge of integrating various log sources with any SIEM platform will be crucial. Furthermore, you will be expected to perform custom parsing of logs being ingested into the SIEM Platform. To succeed in this role, you should have at least 3 years of experience in Content development and experience in delivering and/or building content on any of the SIEM tools like Splunk, ArcSight, QRadar, Nitro ESM, etc. A deep understanding of the MITRE ATT&CK Framework is essential. Experience in SOC Incident analysis with exposure to information security technologies such as Firewall, VPN, Intrusion detection tools, Malware tools, Authentication tools, endpoint technologies, EDR, and cloud security tools is required. You should also have a good understanding of networking concepts and experience in interpreting, searching, and manipulating data within enterprise logging solutions. In this role, you will be expected to have an in-depth knowledge of security data logs and the ability to create new content on advanced security threats as per Threat Intelligence. You should be able to identify gaps in the existing security controls and have experience in writing queries/rules/use cases for security analytics on platforms like ELK, Splunk, or any other SIEM platform. Familiarity with EDR tools like Crowdstrike and understanding of TTPs like Process Injection are desirable. Excellent communication, listening, facilitation skills, investigative mindset, and problem-solving abilities are essential for this role. Preferred qualifications include understanding of the MITRE ATT&CK framework, demonstrable experience in Use case/rule creation on any SIEM Platform, and familiarity with Chronicle Backstory, YARA, or Crowdstrike rules.,

Greetings from IT.. I am now hiring a Threat Detection Engineer for my Clients. Location: Bangalore, Gurugram. Experience: 6-13 Years N[P: Immediate-30 days Primary skills: Threat hunting, threat intelligence, Splunk In-depth knowledge of external attacks and detection techniques to be able to run analysis of the requirements provided by threat intelligence / SOC teams, generate list of rules that could be implemented (based on self analysis of a threat and avaiable log sources), work with SOC team to operationalize and Purple Team to test.. Familiarity with MITRE ATT&CK framework and Tactics, Techniques, and Procedures (TTPs). Experience with security tools such as Splunk, MDE , Databricks to be able to write custom detections to detect various threats (preferably MDE). Kindly share your resume at chanchal@oitindia.com

Role & responsibilities Primary skills: Threat hunting, threat intelligence, Splunk In-depth knowledge of external attacks and detection techniques to be able to run analysis of the requirements provided by threat intelligence / SOC teams, generate list of rules that could be implemented (based on self analysis of a threat and avaiable log sources), work with SOC team to operationalize and Purple Team to test.. Familiarity with MITRE ATT&CK framework and Tactics, Techniques, and Procedures (TTPs). Experience with security tools such as Splunk, MDE , Databricks to be able to write custom detections to detect various threats (preferably MDE) Preferred candidate profile

Job Description Do you want to lead teams that find and exploit security vulnerabilities in Fortune 100 companies, critical infrastructure, and public sector agencies impacting millions of users? Join Securins Offensive Security Team where you'll emulate real-world attacks and oversee advanced offensive operations. We are a cross-disciplinary group of red teamers, adversarial AI researchers, and software developers dedicated to finding and fixing vulnerabilities across critical digital ecosystems. Role & responsibilities - Lead and perform advanced offensive security assessments, including Red Team operations, threat-based evaluations, and vulnerability exploitation. - Supervise and mentor a team of offensive engineers, manage task prioritization, and ensure high-quality delivery. - Execute Red Team operations on production systems, including AI platforms, using real-world adversarial tactics. - Provide strategic and technical security guidance to internal and external stakeholders. - Collaborate cross-functionally to integrate findings into enterprise detection and defense strategies. - Research and develop adversary TTPs across the full attack lifecycle. - Build tools to automate and scale offensive emulation and vulnerability discovery, utilizing AI/ML systems. - Continuously evaluate and enhance assessment methodologies and frameworks used by the team. - Contribute to the security community through publications, presentations, bug bounties, and open-source projects. Required Qualifications - 5+ years of experience in offensive security, red teaming, or penetration testing with at least 1 year in a leadership role. - Bachelors or Masters degree in Computer Science, Computer Engineering, or relevant field; or equivalent experience. - Expert knowledge of offensive security tactics, threat modeling, APT emulation, and Red Team operations. - Strong understanding of MITRE ATT&CK framework and exploitation of common vulnerabilities. - Proficiency in one or more programming/scripting languages (Python, Go, PowerShell, C/C++, etc.). - Hands-on experience with penetration testing tools such as Metasploit, Burp Suite Pro, NMAP, Nessus, etc. - Familiarity with security in cloud environments (AWS, Azure, GCP) and across Windows/Linux/macOS platforms. - Ability to clearly articulate findings to technical and executive audiences and lead mitigation efforts. - Authorization to work in the country of employment at time of hire and ongoing during employment. Preferred Qualifications - Certifications like OSCP, OSCE, OSEP, CRTO, or equivalent. - Experience with Purple Team operations and threat intelligence integration. - Track record in CTF competitions or bug bounty programs. - Reverse engineering experience or malware analysis expertise. - Exposure to Responsible AI and adversarial machine learning. - Participation in AI Village at DEFCON or similar security research events. - Publications or contributions to conferences such as AISec, NeurIPS, FAccT, or IC4. Other Requirements Ability to meet Securin, customer, and/or government security screening requirements. This includes a background check at the time of hire/transfer and every two years thereafter. Who Should Apply You have experience executing technical research and offensive security strategies with teams. You are skilled in experimental security science and confident in building your own tools. You clearly communicate findings, are mission-driven, and want to drive change in AI and cybersecurity. Role-Specific Policy This hybrid role requires in-office presence at least 50% of the time. Locations: Chennai, Tamil Nadu (India)