Why Work at Lenovo
We are Lenovo. We do what we say. We own what we do. We WOW our customers.
Lenovo is a US$62 billion revenue global technology powerhouse, ranked #171 in the Fortune Global 500, employing 77,000 people around the world, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver smarter technology for all, Lenovo has built on its success as the world's largest PC company by further expanding into growth areas that fuel the advancement of New IT technologies (client, edge, cloud, network, and intelligence) including server, storage, mobile, software, solutions, and services.
This transformation together with Lenovo's world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com, and read about the latest news via our StoryHub.
Description And Requirements
As a Cybersecurity Threat Hunter, you will:
- Identifying (hunting) and profiling threat actors and their Tactics, Techniques, and Procedures (TTPs).
- Conducting proactive threat hunting activities to identify potential security threats and vulnerabilities in the organization's systems and networks.
- User behavior analytics, threat modeling, network & EDR hunting, hunt through MITRE Framework, hunt through Threat Intelligence, hunt via brand intelligence services, blind hunt analogy, hunt pivoting, hunt by orchestration
- Malware analysis and reverse engineering
- Strong understanding of common attack vectors and offensive tools.
- Security Incident Response
- Log analysis (statistical modeling, correlation, pattern recognition, etc.)
- Developing and maintaining threat intelligence sources and monitoring emerging threats to ensure the organization stays ahead of potential risks.
- Analyzing security logs and other data sources to detect security incidents, including malware infections, phishing attacks, and other forms of cyber threats.
- Conducting incident investigations to identify the scope, impact, and root cause of security incidents and breaches.
- Experience with IoC lifecycle.
- Ability to develop small automation scripts and makeshift tools (Python, PowerShell).
- Design and run custom analysis models on (centralized) security event information to discover active threats, including collaboration on the development of use cases when appropriate.
- Developing and implementing strategies and technologies to detect and prevent future security threats.
- Collaborating with other members of the security team to improve the organization's overall security posture.
- Good understanding of enterprise architectures and large IT environment operations.
- Conducting regular security assessments and audits to identify and address vulnerabilities and compliance gaps.
- Provide mentorship and support to teammates with regard to Threat Intel collection, communication/rapport with other business units and various levels of leadership, technical expertise, and career development.
- Change Management/Implementation: Independently implement changes to meet customer infrastructure needs within area of technical responsibility.
- Patch and Security Management: Apply patch and security changes per policy.
- Configuration Management: Ensure Configuration Management Database (CMDB) entries are complete and accurate.
- Quality: Provide continual improvement recommendations for direct responsibility area (process improvement, technical standard updates, etc.).
- Project Management: Participate in customer and internal projects, including transformation.
- Customer Relationship Management: Set expectations with customers and/or internal businesses/end users within defined parameters.
- Teamwork: Work as part of a team, which may be virtual and/or global. Participate as part of a team and maintain good relationships with team members and customers.
Additional Locations:
- India - Karnataka - Bangalore
- India
- India - Karnataka