Tata Consultancy Services

Cyber Threat Investigator

Portugal · Full-time · Mid-Senior

Are you a Threat Hunter seeking a new interesting challenge?

If your answer is yes, it's your lucky day, so keep reading: this could be just what you're looking for!


WHAT WE ARE LOOKING FOR IN YOU?

  • Experience and Specialization: Minimum of 4 years in threat hunting, Digital Forensics & Incident Response (DFIR), or blue team roles, with specific hands-on experience in threat hunting initiatives preferred.
  • Tool Proficiency: Operational expertise with leading EDR and threat hunting platforms such as CrowdStrike, Microsoft Defender for Endpoint, or similar solutions that support hypothesis-driven investigations and advanced threat detection.
  • Threat Behavior Frameworks: Deep familiarity with adversary behavior modeling using MITRE ATT&CK, along with experience in crafting detections or hypotheses using frameworks like Sigma and behavioral analytics approaches.
  • Log Analysis and Scripting Capabilities: Strong analytical skills in handling large datasets using tools like KQL, SQL, and regular expressions. Ability to write custom queries or scripts to parse, filter, and correlate multi-source telemetry during hunts.
  • Adversary Simulation and Collaboration: Understanding of purple teaming concepts and familiarity with adversary emulation tools (e.g., CALDERA, Atomic Red Team) is a plus, enabling collaboration with detection engineering and red teams to validate and improve threat visibility.


HOW WILL YOUR DAILY JOB BE?

  • Design and Execute Hypothesis-Based Hunts: Proactively conduct targeted threat hunts by forming and testing hypotheses derived from emerging threat scenarios, internal risk factors, and environmental baselines, spanning across endpoints, network traffic, and cloud workloads.
  • Operationalize Threat Intelligence: Analyse threat intelligence reports to identify and track adversary tactics, techniques, and procedures (TTPs). Use this intelligence to focus hunts on relevant threat actor behaviours and active campaigns likely to target the organization.
  • Cross-Source Data Correlation: Aggregate and correlate telemetry from multiple platforms such as EDR, SIEM, DNS logs, web proxy data, and identity providers to uncover anomalous behaviours, hidden threats, or lateral movement that evades traditional detection.
  • Detection Development Collaboration: Document hunting findings with contextual evidence and actionable conclusions. Work closely with detection engineering and incident response teams to transform successful hunting outcomes into new detection rules, behavioural logic, and automated playbooks.
  • Enhance Visibility and Coverage: Continuously evaluate the organization's detection surface by identifying telemetry gaps or blind spots. Recommend improvements in logging, data collection, and sensor placement to ensure comprehensive visibility and threat coverage across the enterprise.


GOOD TO HAVE:

  • Good behavioral and communication skills.


WHERE AND WHEN?

  • Workplace: Lisbon + hybrid work
  • Work Schedule: 9AM to 6PM


WHAT WE CAN OFFER YOU?

  • Permanent contract
  • Pay and benefits - Competitive salary and a flexible compensation plan adapted to your needs (Ticket restaurant plan + Health Insurance).
  • Opportunity knocks - Being a part of a growing company, we want to support your path with a career development plan and annual performance-based compensation reviews.
  • Learn as you grow - Starting with a fantastic onboarding program, TCS has robust learning platforms that will allow you to learn and grow personally as well as professionally.
  • Bring your buddy - If you have referred a friend for an open position under the BYB Scheme and she/he is hired, you'll receive a very attractive cash award.
  • Connect globally - Work with people from all over the world. You can feel the multicultural workforce.
  • And so on - Appreciations, incentives, Team Building activities, diversity and inclusion programs, sustainability activities, corporate events... This has only just begun!


WHO ARE WE?

Tata Consultancy Services (TCS) is an Information Technology (IT) company founded in 1968 and part of the Tata Group.

With a presence in 55 countries and over 600,000 employees, TCS is recognized as the #1 Employer in Europe by the Top Employers Institute.

In our portfolio of services, we have information technology services, asset-based solutions, global consulting, engineering and industrial services, digital solutions and services, application maintenance and development, quality assurance and testing services, IT infrastructure and BPS.

We stand out for our experience, reliability, passion, confidence, creativity and skills.


WELCOME, WE ARE WAITING FOR YOU!

Key Skills

incident response microsoft defender digital forensics simulation cloud siem sql dns
Posted: Sep 04, 2025
Type: Full-time
Level: Mid-Senior
Location: Lisbon

Industries

IT Services, IT Consulting

Categories

Information Technology
