Posted 04 June, 2026

Senior Specialist

ExlService Holdings, Inc.
Noida, Uttar Pradesh, India Full Time
Reference: 218_689623_12995

Key Responsibilities

  • Proactively hunt for advanced persistent threats (APTs), zero-day exploits, and other sophisticated attacker activity across the enterprise environment.
  • Continuously monitor and analyze threat actor activity, tracking their Tactics, Techniques, and Procedures (TTPs) and associated Indicators of Compromise (IOCs) using frameworks like MITRE ATT&CK.
  • Manage the full intelligence lifecycle by gathering and processing raw data from diverse sources, including internal logs, commercial threat feeds, open-source intelligence (OSINT), and dark web forums.
  • Triage, filter, and analyze large datasets to correlate activity, establish context, and produce timely, accurate, and actionable intelligence.
  • Disseminate critical intelligence reports, threat briefs, and situational awareness reports to diverse audiences, from technical SOC analysts to CISOs and executive stakeholders.
  • Produce and maintain executive-level dashboards that clearly communicate the threat landscape, risk posture, and operational effectiveness.
  • Partner with SIEM and SOAR engineering teams to refine and automate threat detection and response workflows, and to review threat briefs, validate hypotheses, and continuously improve detection logic.
  • Meticulously document all analytic content, detection logic, core assumptions, and tuning parameters to ensure transparency and maintainability.

Required Skills and Experience

  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
  • 6+ years of experience in cybersecurity, with a demonstrated history as L3 in Cyber Threat Intelligence and/or actionable threat hunting.
  • Expert-level understanding of threat actor TTPs, APT groups, the cyber kill chain, and the MITRE ATT&CK framework.
  • Proven experience in hypothesis-driven threat hunting for advanced adversaries in complex enterprise networks.
  • Experience with Threat Intelligence Platforms like Anomali or MISP.
  • Strong data analysis skills with experience processing raw logs (e.g., endpoint, network, proxy) and multiple intelligence feeds (OSINT, commercial, dark web).
  • Hands-on experience with SIEM/SOAR platforms (e.g., Sentinel) for detection logic, analysis, and automation.
  • Ability to develop and deliver regular, metric-driven reports on threat hunting activities, key findings, and emerging trends.
  • Excellent communication skills with the ability to produce high-quality, executive-level reports and brief the leadership.
EXL (NASDAQ: EXLS) is a leading data analytics and digital operations and solutions company. We partner with clients using a data and AI-led approach to reinvent business models, drive better business outcomes and unlock growth with speed. EXL harnesses the power of data, analytics, AI, and deep industry knowledge to transform operations for the world's leading corporations in industries including insurance, healthcare, banking and financial services, media and retail, among others. EXL was founded in 1999 with the core values of innovation, collaboration, excellence, integrity and respect. We are headquartered in New York and have more than 54,000 employees spanning six continents. For more information, visit www.exlservice.com.


EXL never requires or asks for fees/payments or credit card or bank details during any phase of the recruitment or hiring process and has not authorized any agencies or partners to collect any fee or payment from prospective candidates. EXL will only extend a job offer after a candidate has gone through a formal interview process with members of EXL's Human Resources team, as well as our hiring managers.
EXL is the indispensable partner for leading businesses in data-led industries such as insurance, banking and financial services, healthcare, retail and logistics. We bring a unique combination of data, advanced analytics, digital technology and industry expertise to help our clients turn data into insights, streamline operations, improve customer experience, and transform their business. Our partnerships with clients are built on a foundation of collaboration - and we've been chosen as a partner by nine of the top ten leading US insurance companies, nine of the top 20 global banks, and six of the top ten US health care payers. We function as one team to make your goals our goals, whether that's unlocking the value of generative AI or embedding analytics into workflows that reduce risk or power your growth. Clients choose EXL as their transformation partner for many reasons. Our geographic diversity makes talent all over the world instantly accessible. Digital accelerators enable unmatched speed-to-value, letting you realize results fast. It's our people that truly set us apart, though, including the 1,500 data scientists we have dedicated to our generative AI practice. And our more than twenty years of experience in delivering business services, garnering stellar client references, and maintaining a solid balance sheet are reassuring to our C-suite clients. Find out for yourself why clients, employees, and analysts think we're some of the best in the business. Contact us to see how we can help you achieve your goals.
