Search Results: 8 vacancies
...vulnerabilities, and exploits to identify novel TTPs and their related mitigations.
Produce and test rules for hunting and enrichment (Yara, etc.)
Analyze threat attack life-cycle including its behavior, modus operandi and objectives.
Follow an exhaustive approach...
...trojans, and botnets, to understand their impact on systems and networks.
- Signature Development: Develop and refine detection signatures, YARA rules, and IOCs (Indicators of Compromise) to enhance malware detection capabilities.
- Threat Intelligence: Stay updated with the...
...rules in SIEM tools.
- Integrate new log sources, assets with SIEM, and incremental threat intelligence feeds.
- Draft, test, and deploy YARA and Chronicle Backstory rules.
- Implement integration of endpoints with SOAR solutions, notably Simplify, CXSOAR, and Sumologic SOAR....
...Threat Actor TTPs and IOCs for client and community consumption
Contribute to the development of use cases and threat detection logic (YARA and SIGMA rules) and tools to enhance threat detection capabilities for clients.
Continuously improve and automate threat hunting...
...statically and dynamically.
Knowledge of the world of malware (its methods, workings, and notorious families).
Familiarity with using YARA or other engines to create detection rules.
Demonstrated expertise in x86/x64 or ARM architecture reverse engineering....
...knowledge in Normalization concepts and Unified Data Modelling (UDM).
- Basic knowledge of Linux commands, regular expressions, SQL queries, YARA-L syntax, IOC, Python, CLI, GCP IAM, Workforce Identity Federation, UDM, API etc.
- Integration of different log types.
- Knowledge in...
...Persistent Threat (APT) and associated tactics, targeted attacks.
Strong familiarity with mitigation strategies such as Suricata, Snort and YARA signatures
To operate at the level required to disassemble, proficiency in the core principles of structured programming is required...
...technologies and designing of threat intel playbooks/ workflows through scripting knowledge of Python/Bash etc.
Familiarity with SIGMA, YARA and other open Standard CTI formats (Openc2, STIX, TAXII)
Roles & Responsibilities
Provide intelligence briefings to wide...