Security Incident Response
Security Incident Response491
Applications
491
Applications
About the Job
Skills
*Looking for someone with strong IR & Investigation Skills with basic/mid level knowledge of Forensics*
This Job Role addresses the following activities:
Ø Cyber Security Incident Response
Ø Digital Forensics and Investigation
Ø Job Accountabilities:
Ø Plan and Oversee daily activities of forensic analysts and incident responders
Ø Conduct forensic investigations, identify systems of interest and direct data acquisition, analysis and containment measures
Ø Conduct network forensics, intrusion analysis, malware analysis and reverse engineering, threat intelligence fusion (wherever possible/ required) to identify the root cause / patient zero
Ø Build knowledge and skills within the team on latest forensic tools, endpoint threat detection tools, technologies and techniques on an ongoing basis
Ø Work with red team/ penetration testing teams to strengthen detection and response measures for advanced attacks and contribute to the knowledgebase of the Cyber Defence Center
Ø Able to conduct manual investigation of Cyber Incident by correlating logs, events from multiple devices, servers, etc.
Ø Able to develop standard operating procedures, playbooks for Cyber Incident Response.
Ø Contribute to enhanced detection capabilities of the CDC using threat intelligence and drive innovation and efficiency of the Cyber Defence Center by leading automation initiatives
Ø Be responsible for accuracy, timeliness of the forensics investigation incidents and examinations and provide relevant reports, dashboards, metrics for periodic reviews and management presentations
Ø Co-ordinate with stakeholders, build and maintain positive working relationships with them
Ø Skills Required (Knowledge and Skills)
Technical competencies:
Ø Deep knowledge of OS internals (Windows, Linux), Active Directory and typical vulnerabilities and misconfigurations and associated exploitation techniques and scripting
Ø In-depth practical knowledge and experience in application of TTPs, MITRE Framework in securing an enterprise environment
Ø Working knowledge of at-least 1 EDR and SIEM tools (commercial or open source)
Ø Expertise in server and mobile forensic tools such as Autopsy, FTK, Encase, Oxygen, Cellebrite, Wireshark, RAM analysis, Registry analysis tools etc
Ø Significant experience in investigating complex, multi-location security breaches and creation of detailed forensic investigation reports and presentations for variety of stakeholders
Ø Experience of rapid rule development in response to newly released attacks, IOCs will be a plus
Ø Research bent of mind and passion for keeping up-to-date with the latest threat landscape and adversarial techniques
Non-technical competencies:
Ø Logical thinker with attention to detail
Ø Strong collaborative skills and proven ability to work in a diverse team of security and IT professionals
Ø Process oriented
Ø Meticulous and methodical approach to documentation
Ø Good interpersonal skills to interact and gather relevant information from a variety of stakeholders such as IT, Network and Security teams
Ø Excellent verbal and written English
Ø Ability to work with calm and patience in high pressure situations in a dynamic environment
Key Attributes (Experience and Qualifications):
Ø BE/B.Tech/ME/M.Tech/MCA/MS from a reputed/recognized institute
Ø 5-8 years of relevant experience in Forensics, Incident Analysis and Investigation
Ø Excellent verbal and written communication skills and customer management skills
Ø Certification as a CHFI, GCIH or GCFA would be an advantage (desired)
About the company
Industry
Media & Telecommunication...
Company Size
51-200 Employees
Headquarter
Navi Mumbai, Maharashtra
Other open jobs from Jio