• Cyber Security Incident Handler Jobs in Pune,India

  • 8 - 11 Years
  • Posted : above 1 month

Job Description:

Cyber Security Incident Handler, Pune, Maharashtra, India (Information Technology, ref. 1357)

Description: The Senior Cyber Security Incident Handler will implement mitigation measures in response to general or specific attempted compromises on the respective networks.

Make recommendations to the supporting operations and maintenance organization to take necessary action.
Execute critical blocks to mitigate ongoing threat activity; execute immediate action steps, as determined by the critical nature of the event, to mitigate threats to networks; coordinate with network and other teams as required for network configuration changes; enhance detection capabilities for the threat and enable Intrusion Prevention Sensors in blocking mode to deter threats.
Execute Incident Response investigations for the operational environment (unclassified and classified). Investigations shall address each pre-determined category of incident detected, and address priorities and types of internal defensive measures and potential mitigation strategies to be employed (acceptable level of risk).
Respond to inquiries on incident status or issues as appropriate.
Capture and perform initial analysis on captured volatile data, log data, captured network traffic data, etc. to identify any immediate intrusion-related artifacts, which in turn will allow immediate defensive countermeasures to be implemented; develop the necessary procedures or scripts to identify such data; coordinate the shipment of original forensic evidence.
Document, update and enhance processes and procedures by producing training materials, standards documents and reports.
Utilize cyber forensic tools (e.g., EnCase, Forensic Toolkit, Autopsy/Sleuthkit) and investigative methods to find electronic data, including Internet use history, word processing documents, images and other files.
Manage security events identified from the enterprise SIEM tool, threat intelligence, end-user notifications, etc. to determine security risk and respond accordingly.
Coordinate response, triage and escalation of security events affecting the company's information assets and activities within the Incident Response team.
Categorize, prioritize, and normalize an event to determine whether it meets the threshold of a potential incident, and declare an incident, if required, following the documented process.
Analyze and research known indicators of compromise (IOCs), correlate events, identify malicious activity, and take appropriate containment steps.
Formulate and execute a response to the incident and verify that it is contained and eradicated and that systems are recovered.
Based on the review of the process and steps taken to remediate an incident, suggest and implement improvements in the environment (such as improving technical controls) and/or improve the incident response process.
Responsibilities will occasionally require working evenings and weekends, sometimes with little or no advance notice.
Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats.
Perform a variety of highly technical analyses and procedures dealing with the collection, processing, preservation, analysis, and presentation of computer-related evidence.

Requirements

Education: BE/BTech/BS in Engineering from an accredited college or university in Computer Science, Information Security, or Information Systems.
An MS in one of the above is highly desired.

Certification: Currently holds an ECIH/CHFI/CEH/GCIH/OSCP professional certification.

Experience: 8 years of information security / incident response / forensic investigation.
The ideal candidate will be highly technical, should possess an advanced understanding across a broad range of security technologies, and will take a proactive approach to cyber incidents.
Demonstrated experience in handling security events in mission-critical environments; hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests.
Proven experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations, etc.
Strong consultative skills, with the ability to advise and consult with executives and technical professionals.
Good grasp of security incident response, such as the different phases of response, vulnerabilities vs. threats vs. actors, Indicators of Compromise (IOCs), etc.
Experience analyzing system and application logs to investigate security issues and/or complex operational issues.
Strong knowledge of enterprise detection technologies and processes (advanced threat detection tools, IDS/IPS, network packet analysis, endpoint protection).
Strong knowledge of network protocols and operating systems (Windows, Unix, Linux, databases). Possesses exceptional knowledge, experience, and certifications with commercial computer incident triage tools.
Must be willing and able to work extended hours on occasion, as well as respond to critical issues during non-business hours.

Skills: A passion for cyber security and a keen interest in IT.
Excellent IT skills, including knowledge of computer networks, operating systems, software, hardware and security.
An understanding of the cyber security risks associated with various technologies and ways to manage them.
A good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and anti-virus.
Written communication skills, for example to write technical reports.
Time-management and organizational skills to manage a variety of tasks, prioritize workload and meet deadlines.
Excellent attention to detail, analytical skills and an ability to analyze complex technical information to identify patterns and trends.
An ability to work under pressure, particularly when dealing with threats and at times of high demand.

Profile Summary:

Employment Type : Full Time
Eligibility : Any Graduate
Industry : Software Services, IT-Software
Functional Area : IT Software : Software Products & Services
Role : System Security
Salary : As per Industry Standards
Deadline : 20th Jan 2020
