Threat Hunter

About ColorTokens

 

ColorTokens specializes in advanced security solutions designed to safeguard organizations' assets and critical systems from cyber threats. Our flagship product, Xshield Enterprise Microsegmentation platform, empowers organizations to prevent initial compromises from escalating into damaging crises. By emphasizing proactive security measures, ColorTokens ensures comprehensive protection for critical workloads and data, enabling organizations to stay "breach ready."

 

With a clientele spanning some of the world's largest organizations, including prominent cancer research centers, cities, and national defense departments, ColorTokens serves industries handling sensitive information and subject to stringent regulatory requirements.

 

ColorTokens' cloud-delivered platform streamlines onboarding efforts and reduces maintenance costs for organizations. Providing pervasive protection, their platform covers data center servers, legacy systems, cloud workloads, containers, and operational technology (OT) and Internet of Things (IoT) devices.

 

The company's recognition as a Strong Performer in the Forrester New Wave™: Microsegmentation report solidifies ColorTokens' reputation as a trusted provider of microsegmentation solutions for organizations seeking to enhance their security posture.

 

Our Culture

We foster an environment that values customer focus, innovation, collaboration, mutual respect, and informed decision-making. We believe in alignment and empowerment so you can own and drive initiatives autonomously.

 

Self-starters and high-motivated individuals will enjoy the rewarding experience of solving complex challenges that protect some of world’s impactful organizations – be it a children’s hospital, or a city, or the defense department of an entire country.

 

About Job: 

The Threat Hunter will be responsible for identifying advanced persistent threats using automated models, develop new models based on latest attack patterns, analysis of anomalous log data, provide expert analytic investigative support for complex security incidents.  The focus of the Threat Hunter is to detect advanced attacks, perform investigation on suspicious events detected and provide recommendation and assistance to customer for resolving the incident.

Experience : 6 to 10 yrs 

 

Responsibility 

• Hunt for advanced threats using analytical models and tools
• Provide analytic investigative support for identified security incidents.
• Engage with customer to provide remediation support for identified incidents
• Create and maintain run books for hunting and investigating key threats
• Continuously improve processes for enhancing threat detection
• Work with data scientists to develop new analytical model for hunting

Skills

• Strong understanding of the TCP/IP networking stack
• Knowledge and understanding of attack methodologies and counter measures
• Working Knowledge of security tools like IPS, WAF, Firewall
• Understanding of Enterprise IT infrastructure – Operating system, Active Directory, Proxy, Netflow, Packet capture, DNS, Email 
• Understanding of MITRE Attack framework

Education:

• B.Tech or Cyber Security specialization
• Relevant Technical Security Certifications (SANS GIAC/GCFA/GNFA/OSCP)

Experience:

1. Upto 10 years of experience in Threat Hunting/Threat Analysis, SOC Monitoring , Incident Response, Malware Analysis or IDS/IPS analysis
2. Experience in Investigation, Playbook creation and APT
3. Experience of SIEM based monitoring using one or more of Splunk/QRadar/Arcsight
4. Experience with data hunting using one of ELK/Splunk/AWS

Good to have skills: Understanding of endpoint telemetry including CarbonBlack/Endgame/similar

•

Last updated on Jan 13, 2024