InfoSec Incident Responder
Views: 102
Updated: 06-05-2024
Location: Bengaluru / Bangalore Karnataka
Category: IT - Hardware / Network, Information Technology
Industry: Media Mass Communication
Job description
Responsibilities
We have all the exciting ingredients and challenges that a global Company can offer in the modern Security Incident Response domain, across the threat landscape, technology, operations and intelligence.
You will have a significant level of autonomy and ownership of the Cyber Security Incident Response domain in the Company.
Your main responsibilities will be:
- Lead, steer and oversee the technical response to advanced cyber security incidents, when triaged, investigated and escalated by the global SOC
- Act as the highest level of technical escalation for security incidents identified by Managed SOC Provider Analysts and Incident Responders
- Establish priority and urgency on a wide spectrum of potential incidents and advise the appropriate response
- Conduct investigations on infrastructure through forensic analysis to identify Indicators of Compromise (IoCs)
- Lead the Intelligence-Driven Hypothesis-Based Threat Hunting initiative and cultivate the hunt lifecycle across our massive global IT estate
- Advise on the development of SOC runbooks and procedures through constant feedback and advice on their iterative improvement
- Advise on the automation and orchestration playbooks, working closely with our InfoSec SOAR and ITSM Engineering
- Advise on the security data collection and analytics, working closely with our InfoSec Platform Engineering and Architecture, SIEM, NDR and EDR included
- Advise on Threat Detection and Threat Intelligence strategy to ensure a comprehensive and relevant coverage across the MITRE ATT&CK Matrix and potential threat actors targeting the Company
- Collaborate with and advise the Business Owners to contain and resolve security incidents within broad IT domains across the Company
- Advise on the security posture improvements within the post-incident activities to take our cyber resiliency to the next level
- Maintain incident reporting and communication strategy with senior InfoSec and Company Business Leadership
Preferred Qualifications
We expect intimate familiarity with the craft of collecting and analyzing security incident related data to identify indicators of attack and compromise.
An ideal Candidate would have a passion for learning new technologies and collaborating with other experts to find solutions, and a calm and positive attitude with a sense of humor in the never-ending battle against the evolving threats.
- 4-6 years of experience with increasing responsibilities within a Security Operations Center / CERT / CIRT / CSIRT / MDR environment
- Comfortable familiarity with all aspects of the modern Incident Response lifecycle
- Good understanding of the threats faced by direct-to-consumer and digital platform organizations
- Hands-on technical experience with application security topics such as the OWASP Top 10
- Hands-on technical experience with SIEM & logging tools (Splunk, Kibana, QRadar) and the ability to extract actionable intelligence from large-volume aggregated log storage
- Hands-on technical experience with SOAR Platforms and the concepts of runbooks and automation
- Knowledge and appreciation of MITRE ATT&CK Matrix and its practical applications
- Solid knowledge of TCP/IP networking and protocols.
- Hands-on technical experience with public cloud infrastructure and concepts, specifically cloud-native security tools
- Working knowledge of network and content security systems such as NGFW, Proxy, Email Security, Routing and Switching
- Familiarity with Identity Access Management and SSO brokers
- Hands-on technical experience with open source and commercial proprietary threat intel tools for intelligence gathering
- SANS GIAC Incident Response certifications (GSEC, GCIH, GCIA, GCFA, GREM) are a substantial plus
- Other high-end cybersecurity and IT certifications are a plus
- Solid time management and organizational skills
- Solid communication and presentation skills
Deadline: 20-06-2024