Job Overview
LTI Mindtree is seeking a highly skilled Cyber Threat Hunting Analyst to join our team onsite in Dallas, TX. In this role, you will act as a trusted advisor in advanced threat hunting operations, working closely with cross-functional teams to proactively identify, investigate, and mitigate security threats. This position requires an adaptable team player with excellent technical problem-solving skills, strong communication abilities, and a passion for enhancing cybersecurity defenses.
Key Responsibilities
- Threat Hunting & Analysis:
  - Proactively identify threats, insider misconduct, and anomalous behavior by leveraging threat intelligence, multi-source data, and collaborative brainstorming sessions.
  - Lead hunt missions to uncover malicious activity by analyzing command and control (C2) structures and developing network/host-based Indicators of Compromise (IOCs) or Indicators of Attack (IOAs).
- Operational Excellence:
  - Utilize advanced threat hunting techniques and tools to detect, analyze, and respond to security threats.
  - Investigate and analyze alerts for suspicious or malicious activity across corporate environments, supporting remediation efforts.
  - Develop and execute proactive threat hunting methodologies by defining search criteria to uncover undetected threats.
- Collaboration & Advisory:
  - Serve as a trusted advisor by collaborating with Cyber Security stakeholders to identify and address detection gaps.
  - Evaluate and recommend security tools and technologies for threat analysis, impact assessment, and mitigation.
  - Mentor team members by sharing knowledge, best practices, and technical expertise.
- Incident Response & Forensics:
  - Support threat response efforts with ad-hoc threat hunts as needed.
  - Conduct root cause analysis, review incident lessons learned, and support compliance audits to improve overall security posture.
  - Apply foundational Digital Forensics and Incident Response (DFIR) processes to threat investigations.
- Technical Proficiency:
  - Demonstrate expertise in Endpoint Detection and Response (EDR) tools (e.g., CrowdStrike, Microsoft Defender) and related security solutions (SIEM, data lakes, cloud platforms).
  - Utilize log analysis tools and large dataset analysis platforms, including Securonix, Snowflake, Python, Pandas, and SQL.
  - Employ scripting and automation using languages such as Python, PowerShell, or Perl and tools like regular expressions, YARA, Sigma rules, FQL, and KQL.
Required Qualifications
- Education:
  - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (advanced degree preferred).
- Experience:
  - 5+ years of hands-on experience in the cybersecurity industry with demonstrated roles in SOC, Incident Response, Threat Intelligence, Malware Analysis, IDS/IPS Analysis, or similar functions.
  - Proven track record in independently investigating and analyzing alerts for anomalous, suspicious, or malicious activity and supporting remediation efforts.
- Technical Expertise:
  - Strong understanding of cyber adversarial tactics, techniques, and procedures (TTPs) related to Cyber Crime, Malware, Botnets, Hacktivism, Social Engineering, APTs, and Insider Threats.
  - Proficiency with advanced threat hunting tools and a solid grasp of adversarial frameworks such as MITRE ATT&CK and the Lockheed Martin Cyber Kill Chain.
- Certifications (Preferred):
  - Relevant certifications such as Network+, Security+, CISSP, CISM, GCIH, GCFA, or cloud-specific certifications like AWS Cloud Practitioner, AWS Certified Security - Specialty, or Microsoft Certified: Azure Security Engineer Associate.