Job Description: Security Operations Centre – Senior Incident Response and Governance Specialist

Reporting Structure 

Reports to Manager - Security Operations Centre

Location – Navi Mumbai (Kharghar)

Education

• Bachelor’s degree in information technology, or a related field, Cybersecurity (preferred).

Experience/ Qualifications 

• 8 years of technology or other relevant industry experience. Emphasis on security operations, incident management, intrusion detection, and security event analysis.

• 5+ years of working experience with SIEM and SOAR security technologies/vendors (such as Qradar, and Palo Alto)

• Ability to isolate problems between hardware and software and provide information to appropriate support team(s)

• Excellent communication and collaboration skills

• Ability to handle pressure and work effectively in a fastpaced environment

Industry 

• IT, ITES, Banking (Preferred)

Responsibilities 

Incident Detection and Triage:  

• Experience with security tools and technologies (e.g., SOAR, XDR, Brand Monitoring, BAS)

• Responsible for lifecycle support in the areas of BAS strategy and BAS service delivery.

• Responsible for tuning out false positives and creating actionable reports.

• Monitor the impact of deploying new content on the health and performance of the SOAR, XDR & TIP solutions.

• Knowledge of legal and regulatory requirements related to data breaches a plus.

• Good understanding of Incident life cycle and Triage process.

• Good experience in OS logs, WAF, IPS, firewall etc. log analysis. 

• Knowledge of Threat Intelligence and Security Advisories research and analysis would be added advantage.

Communication and Collaboration:  

• Communicate effectively with internal stakeholders, including system administrators, IT operations, and business units

• Collaborate with external vendors and law enforcement as needed

• Prepare and deliver incident reports and updates to senior management Threat Intelligence:  

• Stay up to date on the latest cyber threats and vulnerabilities

• Share threat intelligence with other security professionals within the organization

• Contribute to the development and improvement of the organization's security posture

Industry Certifications 

• Technical certifications: CompTIA security+ CEH or relevant

• Security Standard frameworks: ISO/NIST/PCI-DSS

• Incident Handling and relevant certification