
Jr. Cyber Threat Hunter

Location Bengaluru, India
Posted 20-March-2021
Company Overview

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our 39,000 employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We're looking for people who are determined to make life better for people around the world. #WeAreLilly

Position Summary

The Jr. Cyber Threat Hunter will be a key member of the Threat Intelligence and Detection team within Eli Lilly's Cyber Fusion Center. The Jr. Cyber Threat Hunter will be responsible for turning threat intelligence into actionable detection of adversary behaviors. The primary responsibility of a threat hunter is to proactively and iteratively discover signs of current or past malicious activity within Lilly's environments. The threat hunter will work with our suite of security tools to identify suspicious activities and will use more advanced techniques to discover threats that may have eluded detection. The Jr. Cyber Threat Hunter will be expected to be results-oriented, multi-disciplined, and passionate about assessing and improving the security of diverse and complex systems according to industry regulations and the information security governance framework.

Core Responsibilities

Conduct hunt missions using threat intelligence, analysis of anomalous log data and the results of brainstorming sessions, with the goal of identifying threat actors in Eli Lilly's environment.
Perform analysis of NetFlow, network traffic logs, DNS query logs, proxy logs and network packet captures, as well as other logs from applications and operating systems.
Analyze and hunt for various threat actor groups, attack patterns and tactics, techniques and procedures (TTPs); perform deep analysis of threats across the enterprise by combining security rules, content, policy and relevant datasets.
Contribute to the development of use cases and threat detection logic to enhance threat detection capabilities.
Continuously improve processes for use across multiple detection sets for more efficient security operations.
Provide expert-level support for larger-scale or complex security incidents, and document best practices for threat hunting and detection development.
Maintain and employ a strong understanding of advanced threats, continuous vulnerability assessment, and the response and mitigation strategies used in cybersecurity operations.
Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
Effectively communicate findings and strategy to customer stakeholders, including technical staff, executive leadership and legal counsel.
Collaborate and interface virtually with a multitude of stakeholders within and outside the Cyber Fusion Center.

Required Experiences

3+ years of overall experience.
1 to 3 years of overall IT infrastructure experience (both system and network experience).
1 to 3 years of recent experience in a technical security role (such as in a SOC, incident response team, malware analysis, threat analysis, threat hunting, pen testing, adversary simulation, etc.).
Demonstrated technical experience with Windows and/or Unix/Linux operating systems, including command-line tasks and scripting.
Demonstrated technical experience with networking (data flows, architecture, protocols, traffic analysis, wireless, etc.).
Demonstrated experience working with extremely large data sets using tools and scripting languages, including SIEM tools (e.g. Splunk), case management tools (e.g. Swimlane, Phantom), EDR tools (e.g. Tanium, Microsoft Defender ATP) and network analysis tools (e.g. NetWitness, Panorama).
Experience with advanced persistent threats and human-operated adversary compromises.
Experience pivoting across the Diamond Model and all stages of the kill chain.
Experience using the Pyramid of Pain in conjunction with MITRE's ATT&CK framework to develop threat hunting hypotheses.
Experience working with security intelligence, data analytics, security incident response, and forensic investigation teams.
Good research and documentation skills, including knowledge of major OSINT sources and their investigatory value.
Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques.
Knowledge of malware families, botnets, threats by sector, and various attack campaigns and attacker methods, tools, techniques and practices.
Coding experience in at least one of the following: Bash, PowerShell, Python, JavaScript, Perl, or Ruby.
Knowledge of threat modeling, development of attack plans, manual and automated ethical hacking, and development of proof-of-concept exploits.
Knowledge of cloud infrastructure monitoring.
Strong ability to work effectively in a team environment, including as a mentor.
Proven ability to partner with staff and managers in the Information Security and Information Services organizations.
Demonstrated interpersonal skills, including conflict resolution; highly self-motivated.

Bachelor's degree in Computer Science or equivalent is required.
Master's degree in Information Security, Cyber Security or an associated field is preferred.
One or more of the following certifications are required:
CISSP, OSCP, CEH, GCFA, GNFA, GIAC or other security-related certifications
AI/ML experience is preferred.
Minimum 3 to 6 years of experience.
