BMC Sr HRIS Analyst- 

India, Maharashtra 

636752543

Here is how, through this exciting role, YOU will contribute to BMC's and your own success:

• Monitor and analyze data from security systems including open source and enterprise solutions.
• Effectively communicate identified threats and track remediations until completion.
• Conduct proactive threat hunting operations to detect, analyze, and mitigate advanced persistent threats (APTs) across enterprise and cloud environments.
• Integrate threat intelligence feeds and use frameworks like MITRE ATT&CK to assess and defend against current adversary tactics.
• Contribute to automation initiatives to streamline threat detection, alerting, and response workflows.
• Conduct penetration testing, adversary simulation, and security tools validation.
• Document findings, techniques, and outcomes in knowledge bases and reports.

To ensure you’re set up for success, you will bring the following skillset & experience:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field—or equivalent hands-on experience.
• 5+ years of experience in cybersecurity threat management, threat detection, threat hunting, or offensive security.
• Proficiency with at least one SIEM platform (e.g., Splunk, QRadar, Sentinel).
• Proficiency with enterprise solutions providing dark web monitoring, attack surface management, threat intelligence, and risk rating.
• Understanding of network protocols, operating systems, and cybersecurity fundamentals.
• Proven experience with penetration testing tools and techniques (e.g., Cobalt Strike, Metasploit, Burp Suite, custom exploits).
• Good understanding of network protocols, endpoint behaviors, and cloud security.
• Strong scripting or automation skills (e.g., Python, PowerShell, Bash).
• Excellent communication and documentation abilities.

Whilst these are nice to have, our team can help you develop in the following skills:

• Familiarity with threat intelligence tools and frameworks (e.g., MISP, STIX/TAXII).
• Knowledge of cloud security practices (AWS, Azure, or GCP).
• Industry certifications such as OSCP, GIAC GCTI, GCFA, GREM, GPEN, or CISSP.
• Curiosity for cybersecurity and continuous learning.