USI-FY26-Cyber-CyberOperate-Detect ...

Cybersecurity Threat Hunter - Solution Delivery Advisor

Deloitte is seeking a skilled Threat Hunter to join our Security Operations Center (SOC) team in Pune, India. In this role, you will proactively research and identify relevant threat actors, attack vectors, and behaviors impacting our clients' industries and specific network environments.

What You'll Do:

• Research trending cyber campaigns, attack vectors, and actively hunt for them within client environments.
• Adapt to diverse security tools and technologies, demonstrating a strong conceptual understanding of security principles.
• Maintain up-to-date knowledge of client technology architectures, security solutions, threat intelligence, and recent security incidents.
• Perform in-depth analysis of alerts from SOC Analysts, triaging threat activity using host and network data, traffic, and protocol analysis.
• Identify threat/infection vectors, determine the extent of infections, and prepare comprehensive reports on findings.
• Respond to client-specific investigation requests related to software vulnerabilities, zero-days, and security incidents.
• Document all actions and findings meticulously within a ticketing workflow management system.
• Present threat hunt findings to clients, leveraging excellent presentation and communication skills.
• Act as a subject matter expert in at least one security functional area (e.g., malware reverse engineering, Python programming, digital forensics).
• Adhere to internal operational security policies and Deloitte's standards.
• Continuously hunt for new patterns, activities, and evolving tactics used by advanced threat actors.
• Contribute to Security Information and Event Management (SIEM) content development and testing.
• Provide recommendations for asset remediation and risk mitigation, including security upgrades, configuration changes, and SIEM content enhancements.
• Develop and document new threat hunting techniques, automation, and procedures in collaboration with service leadership.
• Mentor junior threat hunters and conduct training sessions.
• Foster a collaborative team culture and identify team members' strengths.
• Collaborate with service leadership to contribute to the growth of the Detect & Respond service.

About The Team:

Deloitte's Detect & Respond (D&R) team combines advanced technologies with human intelligence to help clients monitor, detect, investigate, and respond to known and unknown cyber threats. We enable clients to be secure, vigilant, and resilient against a constantly evolving threat landscape. Our key areas of focus include:

• Threat Detection and Response
• Attack Surface Management
• Threat Intelligence
• Threat Hunting
• Data Protection

Qualifications:

• Bachelor's degree or equivalent experience in Intelligence Studies, Information Security, Information Technology, Computer Science, Math, or a related field.
• 2+ years of experience in security information and/or technology engineering support.
• Relevant certifications such as CISSP, GIAC (GCIH, GMON), CEH, or equivalent are highly desirable.
• Extensive knowledge of network security, endpoint security, threat intelligence, application functioning, and IT infrastructure.
• Proficiency with SIEM technologies, EDR solutions, forensics tools, and malware analysis.
• Deep understanding of Advanced Persistent Threats (APT) tactics, techniques, and procedures.
• Excellent spoken and written communication skills.
• Strong analytical and problem-solving abilities.
• Hands-on experience with security technologies including SIEM, IDS/IPS, DLP, Proxy, WAF, EDR, Anti-Virus, Sandboxing, firewalls, Threat Intelligence platforms, and Penetration Testing tools.
• Understanding of common attack activities (network scanning, DDoS, malicious code).
• Familiarity with common network infrastructure devices (routers, switches).
• Solid grasp of basic networking protocols like TCP/IP, DNS, HTTP/S.
• Fundamental knowledge of system security architecture and security solutions.

Good to Have:

• Basic programming skills in Python, Java, or Ruby.
• Ability to work effectively both independently and as part of a team.
• Excellent interpersonal and organizational skills.
• Proactive learner with a strong desire to understand security incidents holistically.

Location:

This role is based in Pune, India, with potential opportunities in Bengaluru, Hyderabad, and Chennai.

Shift Timings:

Flexibility for night, weekend, and holiday coverage is essential. Willingness to work 24x7 rotational shifts and provide on-call support as needed based on project assignments.