Incident Response Analyst T500-22566

Position: Incident Response Analyst [T500-22566]
Location: Bengaluru

About ADM:
We are one of the world’s largest nutrition companies and a global leader in human and animal nutrition. We unlock the power of nature to provide nourishing quality of life by transforming crops into ingredients and solutions for foods, beverages, supplements, livestock, aquaculture, and pets.

About ADM India Hub:
At ADM, we have long recognized the strength and potential of India’s talent pool, which is why we have maintained a presence in the country for more than 25 years. Building on this foundation, we have now established ADM India Hub, our first GCC in India.
At ADM India Hub, we are hiring for IT and finance roles across diverse technology and business functions. We stand at the intersection of global expertise and local excellence, enabling us to drive innovation and support our larger purpose of unlocking the power of nature to enrich quality of life.

Incident Response Analyst
Bengaluru, India

Position Summary:

Under general supervision, the Incident Response analyst will work in the Cyber Threat Action Center (CTAC) and work directly with Cyber Threat Intelligence, Attack Surface Management, and other IT teams to investigate and validate escalated security events and perform incident response activities using established processes and procedures.

Job Responsibilities:

Provide analysis and trending of security log data from enterprise security devices & systems
Provide Incident Response (IR) support when analysis confirms security incident to help contain and eradicate threats.
Perform incident triage, incident response, and forensic investigations across endpoints and cloud environments
Conduct technical examinations of computer-based evidence include logs, packet captures, SIEM & IDS events, disk forensics, malware analysis, and more
Document incidents from initial detection through final resolution, and present the findings
Assist with threat and vulnerability analysis, monitoring, and mitigation
Investigation, document, and report on information security issues
Coordinating with Cyber Intel analysts on open and closed source activities impacting Company
Integrate and share information with other analysts and other teams
Work with SIEM administrators to build detections to help proactively identify real world threats across a broad range of technologies and log sources
Assist with creation and maintenance of standard processes and operating procedures and incident response playbooks
Ability to work in a hybrid managing services environment utilization various partners
Ability to lift 50 lbs. and detect color coded events

Job Requirements:

3+ years’ experience in cyber incident response, or equivalent work experience.
Strong knowledge of IT, computer science concepts.
Bachelors’ degree in IT related major, Information Security Major, or equivalent work experience.
Experience using Windows and Linux to perform tasks and some administration capability.
Experience using IDS/IPS, WAF, and SIEM.
Ability to prioritize work using the guidance of leadership.
Proven experience in disk forensics, static and dynamic malware analysis, packet analysis.
Proven experience in technical and non-technical techniques used by cyber adversaries to attack and achieve their cyber goals.
Ability to communicate and collaborate effectively with other team members in a geographic and culturally diverse workforce
Expected to work occasional nights, weekends, holidays, and overtime.
Expected to perform on-call duties.
Occasional travel may be required.
Strong sense of professionalism and ethics.

Desired

Skills:

CISSP, SANS certifications, or security related CompTIA certifications, or other industry certifications a plus.

Experience with incident response in SCADA, DCS, or PLC environments is a plus

Experience with incident response in SAP is a plus