About Role

You would be part of the Cyber Security Incident Response team with an operational role to quickly identify, respond to cyber incidents to our global infrastructure. This is a hands-on technical cyber security role with expertise in Security incident response and in the areas of endpoint security, application security, network security or Cloud security.

Role and Responsibilities:

• Assist and/or lead investigations in active security incident scenarios, supporting the organization through the Incident Response lifecycle
• Provide expertise in the triage, escalate and respond to potential security events & incidents and provides support to security teams
• Must also be able to participate in rotating on call schedule and must be able to work collaboratively. Having the ability to work outside of normal working hours as required due to critical incidents or emergency calls, will be essential to success in this role.
• Proactively hunting threats in the environment, identifying new risk, and developing methods to proactively address threats.
• Provide cyber–Incident Response expertise and perform Malware Analysis & reverse engineering of malware.
• Perform forensic analysis in response to cyber-attacks and computer security breaches on systems and networks to identify the extent and nature of the compromise and provide recommendations on containment, eradication, and remediation steps.
• Routinely prepare written technical documentation and reports of findings, along with recommendations, that result from cases involving forensic analysis and incident response.
• Develop and update operational playbook for various cyber incident scenarios including Data breach, ransomware, supply chain compromise etc.,
• Responsible for identification, analysis, and correlation of events of interest, escalation and continued monitoring of cybersecurity events on an enterprise-wide basis.
• Analyze various log, network, malware, forensic, and cyber threat intel to validate security threats, recommend appropriate countermeasures, and assess impact of cyber incidents.
• Assist the Cyber Security manager in the analysis of security breaches to identify the root cause and to implement preventive measures.

About You

• Bachelor Degree holder with minimum 5-7 years of relevant experience.
• 3+ years' experience with Incident Response, Forensics, and/or Malware Analysis.
• Have at least one of the relevant certifications: SANS GIAC: GCIA, GCFA, GCFE, GREM, GXPN, GMON, or GCIH, ISC2: CCFP, CCSP, CISSP CERT CSIH, EC Council: CHFI or ECSA;
• MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK).
• Possess knowledge on log management, logs generated by various applications or appliances of IT infrastructure for SIEM event correlation.
• Experience with investigating using a wide variety of detective technologies SOAR, packet capture analysis, and host forensics and memory analysis tools.
• Expert knowledge on Defender for Endpoint and Servers for effective incident response actions.