Safeguarding the organization’s IT and OT environments by detecting, investigating, and proactively hunting for cyber threats. The role bridges intelligence and operations, turning threat data into actionable detections and hunt activities. Working closely with SOC Team, the specialist enhances detection capabilities and strengthens the organization’s overall cyber resilience.

Major challenges are,

(1)Keeping pace with evolving threat landscape as attackers develop new techniques and strategies.

(2)Thorough understanding of security operations centre (SOC) 24x7

(3) supporting the Information Risk Management Division Manager in dealing with an increased cybersecurity risk due to the geopolitical situation

(4) Contributing to the ongoing continuous improvement of SOC due to the current maturity level and the changing threat level

(5) Keeping up to date with IT and OT cyber threats to stay ahead of such threats.

• Perform proactive threat hunting across IT and OT networks using intelligence from the Threat Analyst to uncover stealthy or undetected threats.
• Analyse and correlate security incidents to understand attacker behaviour, techniques, and campaign patterns beyond simple alerts.
• Bridge threat intelligence with detection logic, translating new IOCs, TTPs, and adversary trends into actionable detection content for the SOC Engineer to implement.
• Conduct deep-dive investigations on high-severity alerts, ensuring accurate root cause determination and actionable recommendations.
• Support incident response teams during containment and eradication phases by providing context on attacker tools, tactics, and infrastructure.
• Collaborate with the SOC Engineer to refine SIEM use cases, detection rules, and SOAR playbooks based on threat hunting outcomes.
• Perform malware reverse engineering and behavioural analysis, extracting IOCs, YARA rules and technical findings to feed into threat hunting and detection development.
• Develop and maintain threat profiles for key adversaries and attack scenarios targeting both IT and OT environments.
• Prepare technical briefings reports summarizing threat findings and lessons learned for management.
• Continuously improve analytical techniques, staying current with emerging threats, tools, and frameworks like MITRE ATT&CK.
• Ensure alignment with legal and ethical guidelines to ensure team activities are authorized and do not compromise company’s integrity or reputation.

• Bachelor degree level in information security, computer science or engineering.
• Holds a relevant professional certification such as (e.g., GCTI, GCIA, GCIH, GREM).

• 10 years Information Security experience in a similar position.
• Proven experience in cyber threat analysis, hunting, and incident investigation across both IT and OT environments.
• Strong understanding of network protocols, malware behaviour, and adversary TTPs aligned with the MITRE ATT&CK framework.
• Experience with SIEM/SOAR platforms, threat intelligence tools, and log analysis for advanced threat detection.
• Strong analytical and investigative skills with hands-on experience in threat hunting.

• Ability to assess and evaluate risk and the impact of legislation and actively promotes compliance.
• Possesses a good understanding of IT and OT business applications.