METRO AG - Threat Intelligence/Hunting Specialist - Cyber Security

Job Description :

METRO Global Solution Center (MGSC) is internal solution partner for METRO, a 31.6 Billion international wholesaler with operations in 32 countries through 625 stores & a team of 93,000 people globally.

The primary responsibility is to focus on managing and optimizing EDR solutions to enhance endpoint security.

This includes designing, implementing, and maintaining EDR systems and technology, investigating incidents, and developing security policies.

The ideal candidate will bring deep technical expertise, operational maturity towards improving security posture by collaborating with other teams and staying current with the latest threats.

Qualification :

Responsibilities :

- Lead activities to gather intelligence on threat actors, including their tactics, techniques, and procedures (TTPs).

- Conduct in-depth analysis of the threat landscape, focusing on industry-specific and emerging threats.

- Use Various available Security controls and the telemetry data within to conduct proactive threat hunts using a hypothesis-based approach.

- Analyse large datasets (logs, packet captures, alerts) to identify anomalies, malicious activity, and Indicators of Compromise (IOCs).

- Collaborate with SOC analysts, incident responders, and threat intelligence teams to improve detection rules and response strategies.

- Additionally, take the identified anomalies to a conclusion.

- Define the metrics, measurements and analytical tools to quantify surface area of risk, business impact and implement mechanisms to track progress on efforts to reduce those risks.

- Continuously improve hunting methodologies, automation, and use of threat hunting frameworks (e.g., MITRE ATT&CK).

- Stay current on emerging threats, vulnerabilities, and cyber-attack techniques.

- Create and present tailored threat intelligence and hunting reports along with mitigation strategies to internal stakeholders, including executives and IT Team to take necessary actions.

- Prepare monthly reports on threat hunts and able to showcase ROI of the overall threat hunting program.

- Adapts quickly to changing priorities, seeks new ideas, and re-aligns teams priority/roadmap to maximize business productivity.

Qualifications :

Technical & Soft Skills :

- In-depth knowledge of security operations center (SOC) operations, Cyber incident response, threat intelligence with extensive experience performing Threat hunting on IT Systems,

Network and Endpoints.

- Experience with scripting (Python, PowerShell, etc.) and automating threat detection or

hunting tasks.

- Proficiency with OSINT tools, scripting and automation (e.g., Python, PowerShell), and

Darkweb.

- Strong understanding of security frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain) and

current threat landscapes.

- Knowledge about Advanced persistent threats and treat actors, their TTPs.

- Ability to recognize attack patterns and corelate them with specific threat actors.

- Ability to proactively find cybersecurity threats and mitigate them.

- Ability to obtain as much information on threat behaviour, goals and methods as possible.

- Knowledge of Analytics platforms for carrying out detailed analytics of obtained telemetry.

- Strong understanding of Windows, Linux, and network protocols.

- Excellent communication and interpersonal skills to effectively collaborate with clients, stakeholders, and internal teams.

- Analytical and problem-solving skills to identify and address security issues and incidents.

- Ability to adapt to changing security threats and evolving business requirements.