Cybersecurity SR. Specialist – Incident Response

job title: cybersecurity sr. specialist – incident response

role overview: the cybersecurity specialist is responsible for the incident response activity. this role will help develop innovative and

effective procedures for the security operations center to enhance response time, coordination, and incident response

operations, and built a world-class team of cyber security incident response. train staff on security operations concepts,

develop incident response management process, write correlations, and integrate intelligence data into monitoring and

operations activities.

roles & responsibilities:

this person will support the information security department's goals and objectives by addressing escalations, and the

evaluation of technology controls providing key insight and research in new threats, vulnerabilities, and mitigation

techniques. in this role, they will take the lead in proposing solutions to improve or reduce risk exposure from the overall

threat landscape and improve the resilience and readiness of security technologies and processes, which ensure the

confidentiality, integrity, and availability of the organization's assets, information, data, and it services in an efficient

manner.

• develop and execute security incident response plans and cyber forensic investigations to investigate all

reported security incidents.

• develop comprehensive incident reports and investigation summaries.

• develop and collect intelligence to proactively detect and identify high-confidence threats to the brand, service

infrastructure, and enterprise users and systems.

• responsible for analyzing/validating security control requirements and tuning, defining the mitigation rules,

scripting, and performing changes or mitigating attacks, and assisting with troubleshooting support related to

any issues that may arise from security detection or protection technologies.

• assist with reviewing existing tools, applications, and processes to help strengthen and optimize current security

capabilities, as well as identifying any gaps or technical solutions to further enhance the team's effectiveness.

• communicate problems and solutions verbally and in written form to peers and management.

• compliance and governance: help achieve compliance, identify compliance initiatives, and promote appropriate

security policies.

• lead analysis and review security events for anomalous activity, collaborate with respective peer groups to take

appropriate action to safeguard company information assets against current and foreseen threats.

• lead the exploration of practical security solutions to address emerging threats and compliance requirements,

including design and implementation of recommended solutions.

preferred experience/skills:

• 6+ years' experience with incident response

• experience in a 24x7 global enterprise, preferably in the healthcare industry.

• sans giac certifications

• experience managing or maintaining malware analysis sandboxes.

• knowledge of malware analysis tools

• python and/or powershell scripting

• knowledge of logrhythm products or other siem tools

• excellent communication and interpersonal skills

incident response

2 revised: 8/2022

• understanding of the business and the ability to assess and address risk without negatively impacting the

business.

• ability to identify and analyze malicious code.

• in-depth understanding of windows operating systems

• ability to evaluate exploit code in relation to existing security controls.

• strong knowledge of networking technologies (tcp/ip, http, smtp, etc.)

• strong knowledge of web application vulnerabilities and solutions

• strong knowledge of windows operating systems

• strong knowledge of the functions of various security infrastructure, including firewalls,

intrusion prevention systems, proxy servers, security event managers, vpns

• general knowledge of network and systems forensics.

• in-depth knowledge of incident response processes and procedures.

• ability to provide 24-hour on-call support on a rotating basis.

work location:

• bangalore/ hyderabad;

• Experience

  4 - 6 Years

• No. of Openings

  2

• Education

  Graduate (B.Tech/B.E)

• Role

  Cybersecurity Analyst

• Industry Type

  IT-Hardware & Networking / IT-Software / Software Services

• Gender

  [ Male / Female ]

• Job Country

  India

• Type of Job

  Full Time

• Work Location Type

  Work from Office

• Face interview location

  ravi@cybernovainnovations.com