Systems Engineer II - Threat Hunting / Intelligence
- Hyderabad, India
About Gap Inc.
Our past is full of iconic moments - but our future is going to spark many more. Our brands - Gap, Banana Republic, Old Navy and Athleta - have dressed people from all walks of life and all kinds of families, all over the world, for every occasion for more than 50 years.
But we're more than the clothes that we make. We know that business can and should be a force for good, and it's why we work hard to make product that makes people feel good, inside and out. It's why we're committed to giving back to the communities where we live and work. If you're one of the super-talented who thrive on change, aren't afraid to take risks and love to make a difference, come grow with us.
About the role
- Hunt for and identify threat actor groups and their techniques, tools and processes
- Participate in hunt missions using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors
- Proven track record of successful innovative hunts that are completed in a timely manner
- Thorough understanding of how to detect lateral movement within a network and thinking outside the box to discover the signal within the noise
- Maintain current knowledge of tools and best practices in advanced persistent threats and the Tactics, Techniques and Procedures (TTPs) of attackers
- Develop threat hunting dashboards and reports to identify potential threats, suspicious/anomalous activity and malware
- Identify malicious or anomalous activity based on event data from Firewalls, WAF, IPS, HIPS, Anti-Virus, and other sources
- Perform Deep-dive Analysis by correlating data from various sources
- Provide expert analytic investigative support for critical Incident Response security incidents
- Act as a technical resource for Web Application Threats (WAF)
- Experience with the Incident response process and procedures
- Excellent communication and influencing skills including the ability to simplify key messages, present compelling stories and promote technical and personal credibility with internal and external executives, and both technical and non-technical audiences
- Act as an escalation support for Incident response SOC on critical security events
- Proven success working across organizational and geographic boundaries
- This position requires the ability to work in shift schedules and on call rotation
- Familiar with Security tools Palo Alto IPS, Cylance, Symantec, Akamai
- Experience in performing Malware analysis
- Experience with utilizing Carbon Black Process tree and Threat hunting
- Utilize the Splunk SIEM and its search capabilities effectively to triage events
- Strong background within Incident Response & Threat Hunting including IOC (Indicators of Compromise) & TTP (Tactics, Techniques & Procedures)
- Strong knowledge of TCP/IP, cryptographic protocols and algorithms, and operating system (macOS/Linux/Windows) internals and operations
- Deep understanding of common attack vectors: DDoS attacks, phishing, web attacks and malware
- Bachelor's degree, B.Tech/MCA or equivalent degree preferred
- Minimum of 5-7 years of experience in Information Security Incident Response and Cyber Threat Hunting for Grade 18, and 7 to 12 years for Grade 20
Nice to have:
- Security certifications: CISSP, SANS GIAC (GREM, GCFA, GCIH), OSCP
- Experience in User behavior analytics tools and investigation
Benefits at Gap Inc.
- One of the most competitive paid time off plans in the industry
- Merchandise discount for our brand products at franchise stores and their websites
- Comprehensive health coverage for employees, same-sex partners and their families
- Health and wellness program: free annual health check-ups, fitness center and Employee Assistance Program
- Comprehensive benefits to support the journey of parenthood
- Retirement planning assistance