Contract- Cybersecurity Consultant (threat/incident/forensics)
KPG99 INC
ContractExternal
IndustryTechnology
LocationTBA
SalarySalary not specified
Posted1/14/2026
ExperienceNot specified
Job description
Position: Senior Cyber Threat Hunter
Location: Remote 100%-India (No outside india consultant will be considered)
Duration: 3-6 months
Role Overview
- Threat hunters proactively conduct intelligence‑driven hunts, representing 80% of the work across the enterprise.
- Requires strong hands‑on threat hunting experience and natural curiosity, as each scenario is unique.
- Work is fully intelligence‑driven; playbooks exist, but candidates must be able to independently diagnose and investigate.
- Industry background is less important than technical ability, analytical thinking, and overall threat‑hunting skill.
- The remaining 20% involves supporting investigations related to past security incidents.
- Candidates must understand vulnerabilities, adversary behaviors, and attack methodologies.
Day‑to‑Day Responsibilities
- Execute queued intelligence‑driven hunts using Splunk and Microsoft Defender – MUST HAVE EXPERT experience with these 2 tools.
- Build advanced Splunk queries quickly using multiple data sources.
- Support security controls and incident response efforts.
- Interpret intelligence reports:
- Determine what assets adversaries are targeting.
- Understand attack flow through the environment.
- Identify the techniques used and how they are detected or mitigated.
JOB REQUIREMENTS
- 5+ years of experience in a technical cybersecurity role with focus in one or more of the following areas: Threat Hunting, Incident Response, Forensics or Red Teaming
- A bachelor’s or advanced degree in a relevant field such as cybersecurity, computer science, or information technology.
- Certifications such as GIAC Certified Forensic Analyst (GCFA), GIAC Cloud Forensics Responder (GCFR), GIAC Network Forensic Analyst (GNFA), GIAC Incident Handler (GCIH), EC-Council Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or equivalent are highly beneficial.
- Cloud security certifications (AWS Security Specialty, Azure Security Engineer, GCP Professional Cloud Security Engineer) preferred.
- In-depth knowledge of developing hunt hypotheses and writing hunt queries using cybersecurity technologies, tools, and techniques including SIEM, EDR, NDR, UEBA, forensic tools, and SOAR platforms.
- Strong analytical and problem-solving skills to interpret complex data and identify potential security threats.
- Proficiency in using host, cloud, and network forensic artifacts to conduct thorough investigations at scale.
- Working knowledge of the Cyber Kill Chain Model and MITRE ATT&CK Matrix and how each methodology can be applied to threat hunting.
- Experience applying AI/ML techniques to anomaly detection, behavioral analytics, and predictive hunting.
- Effective communication skills to articulate findings, present reports to leadership, and collaborate with cross-functional teams.
- Experience with at least one common scripting or programming language, such as Python, PowerShell, Go, or JavaScript.
- Proficiency in developing and implementing Yara, Sigma, and custom detection rules to enhance threat hunting efforts.
- Demonstrated ability to mentor junior team members and lead cross-functional hunt sprints.