Job Description:
· Support cyber incident response actions to ensure proper assessment, containment, mitigation and documentation
· Perform in-depth analysis and investigative efforts when events are escalated and determine next appropriate containment/remediation/eradication efforts.
· Research and evaluate new technologies such as anti-APT solutions, SOAR, deception technologies and big-data forensic analytics tools, and assist in their implementation.
· Assist with defining and updating incident response playbooks to ensure tasks align with best practice
· Identify and propose areas for improvement within the Security Operations Centre.
· Responsible for driving the production of daily, weekly and monthly threat statistics and KPIs.
· Coordinate with global stakeholders and senior management during contingency scenarios and high-severity incidents to ensure response actions are communicated in a timely manner.
Profile Description:
· Should have 7-11 years of information security experience.
· Should have subject matter expertise in relevant areas, such as Incident Response, Forensic analysis, Malware analysis, Intrusion analysis and Crisis Management.
· Strong working knowledge of security tools such as SIEM, AV, vulnerability scanners, proxies, WAF, NetFlow, IDS and forensic tools.
· In-depth knowledge of malware families and network attack vectors
· Demonstrated experience in an enterprise-level incident response team or security operations centre.
· Log analysis skills (network, security, access, OS, application, etc.) and experience applying them to identifying and investigating security incidents.
· Strong knowledge of operating system internals (Linux, Windows, etc.).
· Should be familiar with security engineering practices, web/application security and cloud security.
· Should have scripting knowledge (PowerShell, Python, VBScript, etc.).
· Sound analytical and problem-solving skills.
· Preferably GIAC, CISSP or CEH certified.
· Experience with product suites such as McAfee, FireEye, CrowdStrike, Cylance, etc.
· Bachelor's degree.