Skills: Windows, Linux, cloud, KQL, SPL, Lucene, SQL-like queries, Microsoft Defender, CrowdStrike, SentinelOne
Full Time
graduate
2 - 4 yrs
₹29000 - ₹34000 / month
1
Niyam IT
Working Type: Work From Office
Job Description:
- Conduct proactive, hypothesis-driven threat hunting across endpoint, network, identity, cloud, and application telemetry.
- Develop and execute hunt scenarios based on threat intelligence, MITRE ATT&CK techniques, and emerging adversary TTPs.
- Analyze large datasets from SIEM, EDR/XDR, NDR, identity platforms, and cloud logs to uncover anomalous or malicious activity.
- Identify detection gaps and collaborate with detection engineering teams to create or improve rules, analytics, and alerts.
- Investigate low-fidelity or weak signals that fall below traditional alert thresholds but may indicate attacker presence.
- Leverage scripting and automation to accelerate hunts, data enrichment, and large-scale analysis.
- Collaborate with incident response teams during active investigations to provide deep technical analysis and attacker context.
- Validate and refine hypotheses through iterative testing, purple team exercises, and adversary emulation activities.
- Translate hunt findings into actionable outcomes: new detections, improved telemetry coverage, and documented attacker behaviors.
- Document hunt methodologies, findings, assumptions, and lessons learned in a structured and repeatable manner.
- Continuously research emerging threats, tools, techniques, and attack campaigns relevant to Eurofins' environment.