Job Description:
Job Title: IR-AVP/VP
Experience: 10-16 Years
Qualification: BE / B. Tech / M. Tech - Computer Engineering
Role & Responsibilities:
Technical Skills:
Conduct analysis of artifacts and compromised systems to determine intrusion methods, remediate to a clean state, and drive security improvements.
Investigate potential cybersecurity events across multiple environments using various tools and techniques, including reviewing internal logs and alerts to identify and triage cases, escalating when necessary.
Analyze security data in real-time to detect and thwart potential threats, attacks, and other violations, while performing breach indicator assessments to investigate network traffic for malicious activity.
Assist with internal or third-party employee investigations and support the production of reports analyzing relevant threats to the enterprise.
Research evolving threats, techniques, tools, and vulnerabilities to support information security efforts and stay current with industry trends and security practices.
Support compliance inquiries from IT risk management and auditors, ensuring documentation is complete and processes comply with information security policies.
Contribute to the development of security operations detections, playbooks, and automations to ensure threat detection, monitoring, response, and forensics activities align with best practices and provide comprehensive threat mitigation.
Participate in tabletop exercises and attack simulation exercises organized by internal and external stakeholders.
Key Skills
The following key skills are required:
Strong knowledge and experience in Incident Response including security event triage, investigation, containment, recovery and the overall incident response process.
Proficient in operating systems (Linux, Windows), network security, application security and mobile device security.
Experience with security data collection, analysis, correlation, and risk analysis using logs and various data sources.
Well-developed analytical, qualitative, and quantitative reasoning skills, with demonstrated creative problem-solving abilities.
Understanding of offensive security, common attack methods, and the ability to pivot across multiple datasets to correlate artifacts for a single security event.
Diverse skill base in product and information security, including system development, maintenance procedures, and security controls.
Detailed knowledge of security and regulatory frameworks (ISO 27001, NIST 800 series, etc.) and enterprise detection and response technologies (advanced threat detection tools, intrusion detection/prevention systems, etc.).
Experience with tools such as CrowdStrike, Microsoft Defender, Tanium, Proofpoint, and open-source incident response and forensic tools.
Ability to document and explain technical details concisely and understandably.
Strong time management skills to balance multiple activities and lead junior analysts as needed.
Fundamental understanding of enterprise cybersecurity frameworks such as MITRE ATT&CK and Cyber Kill Chain.
Qualifications
Bachelor's degree in Information Technology, Cyber Security, Computer Science, or related discipline
8+ years of experience working in cybersecurity operations or information security
Relevant technical and industry certifications, such as GCFA, GCFE, GCIH, GCIA, CISSP, ISSMP, CISM, CEH, or GSEC are preferred
Experience in Security Operation Center, Incident Response and Computer Forensics preferred