Group Specialist - Threat Detection

Company: dpworld

Location: Bangalore, Karnataka, India

Source: oracle

Language: english

<figure class="table"><table style="border-collapse:collapse;border:none;margin-left:-7.35pt;" border="1" cellspacing="0" cellpadding="0" width="655"><tbody><tr><td style="background-color:#B3B3B3;border:solid windowtext 1.0pt;padding:0cm 5.4pt 0cm 5.4pt;width:491.4pt;" width="655" valign="top"><h3 style="margin:6.0pt 0cm;">KEY ACCOUNTABILITIES</h3></td></tr><tr style="height:40.0pt;"><td style="border-top:none;border:solid windowtext 1.0pt;height:40.0pt;padding:0cm 5.4pt 0cm 5.4pt;width:491.4pt;" width="655" valign="top"> <ol style="padding-left:30.53px;"><li>Develop and operationalize AI/ML-based threat detection models across endpoint, identity, network, and cloud environments.</li><li>Operationalise threat intelligence feeds into AI-driven detection pipelines, ensuring alignment with MITRE ATT&CK TTPs.</li><li>Design, develop, and deploy detection use cases across SIEM and XDR platforms.</li><li>Build, maintain, and continuously tune detection rules, KQL queries, and analytics for improved detection fidelity.</li><li>Design and enhance UEBA (User and Entity Behaviour Analytics) models to detect anomalies, insider threats, and advanced persistent threats (APTs).</li><li>Collaborate with red team and adversary simulation functions to validate detection coverage against real-world attack scenarios.</li><li>Drive proactive threat hunting by developing automated workflows leveraging AI-assisted query generation and anomaly detection.</li><li>Continuously evaluate detection effectiveness, reduce false positives, and improve signal-to-noise ratio.</li><li>Integrate multiple threat intelligence sources and contextual data to enrich detections and improve response outcomes.</li><li>Contribute to the development of threat detection standards, frameworks, and best practices.</li><li>Maintain up-to-date knowledge of evolving threats, adversary techniques, and detection technologies to continuously strengthen the organization’s cyber defense capabilities.</li><li>Act as an ambassador for DP World at all times when working; promoting and demonstrating positive behaviours in harmony with DP World’s Principles, values and culture; ensuring the highest level of safety is applied in all activities; understanding and following DP World’s Code of Conduct and Ethics policies.</li><li>Perform other related duties as assigned.</li></ol></td></tr></tbody></table></figure><figure class="table"><table style="border-collapse:collapse;border:none;margin-left:-7.35pt;" border="1" cellspacing="0" cellpadding="0" width="655"><tbody><tr style="height:11.7pt;"><td style="background-color:#B3B3B3;border:solid windowtext 1.0pt;height:11.7pt;padding:0cm 5.4pt 0cm 5.4pt;width:491.4pt;" width="655" valign="top">QUALIFICATIONS, EXPERIENCE AND SKILLS</td></tr><tr style="height:15.75pt;"><td style="border-top:none;border:solid windowtext 1.0pt;height:15.75pt;padding:0cm 5.4pt 0cm 5.4pt;width:491.4pt;" width="655" valign="top">Knowledge and Experience<ul style="list-style-type:disc;padding-left:24px;"><li>Bachelor’s degree in computer science, Cyber Security, Information Systems, or related field.</li><li>8+ years of experience in cybersecurity, with a strong focus on threat detection, threat hunting, or detection engineering.</li><li>Hands-on experience with SIEM/XDR platforms, preferably Microsoft Sentinel and Falcon /Cortex/Stellar Cyber/Defender XDR.</li><li>Strong understanding of MITRE ATT&CK framework and adversary tactics, techniques, and procedures (TTPs).</li><li>Experience in developing detection logic, analytics, and threat hunting queries (e.g., KQL).</li><li>Experience in AI/ML applications for cybersecurity, including anomaly detection and behavioural analytics.</li><li>Experience working with threat intelligence platforms and integrating intelligence into detection workflows.</li><li>Familiarity with cloud security (Azure, AWS), endpoint security, and identity-based threat detection.</li><li>Relevant certifications such as GCIA, GCIH, GCED, AZ-500, SC-200, or equivalent are preferred.</li><li>Experience in multinational environments is an advantage.</li></ul> Soft Skills<ul style="list-style-type:disc;padding-left:24px;"><li>Strong analytical and problem-solving skills.</li><li>Excellent verbal and written communication skills.</li><li>Ability to work in cross-functional teams (SOC, Red Team, Engineering).</li><li>Proactive mindset with strong attention to detail.</li><li>Ability to manage multiple priorities in a fast-paced environment.</li><li>Continuous learning attitude, especially in AI and emerging cyber threats.</li></ul> Technical Skills<ul style="list-style-type:disc;padding-left:24px;"><li>Proficiency in KQL (Kusto Query Language) and detection rule development.</li><li>Strong understanding of SIEM, XDR, EDR technologies.</li><li>Experience with UEBA and behavioural analytics platforms.</li><li>Hands-on experience of AI/ML concepts applied to cybersecurity (anomaly detection, classification models).</li><li>Understanding of log sources and telemetry across endpoint, network, identity, and cloud.</li><li>Familiarity with scripting languages (Python, PowerShell) for automation and analysis.</li><li>Experience with threat hunting frameworks and automation tools.</li><li>Strong knowledge of cyber threats, attack techniques, and detection strategies.</li></ul></td></tr></tbody></table></figure> #LI-AA6

🔥 Apply Now