Team Lead – Incident Response – Security Operations Centre
Job Details
Job Title: Team Lead - SOC
Department: Cyber Security
Reporting to: Head, Cybersecurity Operations
Location: Ahmedabad
Job Objective
Our Cyber Security Operation function works to continuously strengthen cyber security posture through research, threat simulations, threat hunting, and offensive security engagements.
This Incident Response position is responsible for leading incident response engagements and activating other teams in the case of critical incidents. The role requires hands-on technical expertise and the ability to communicate effectively. Candidates with extensive forensics, incident response and cyber security experience are encouraged to apply.
Roles and Responsibilities
Providing first line response to customer alerts and ensuring internal security teams are alerted
Responsible for handling day-to-day operations to monitor, identify, triage and investigate security events from various endpoint (EDR), network and cloud security tools, detect anomalies, and report remediation actions
Responsible for detecting and responding to security incidents, coordinating cross-functional teams to mitigate and eradicate threats
Responsible for triaging security incidents and conducting response actions to detect, contain and remediate identified security incidents
Analyze firewall, server, and application logs to investigate events and incidents for anomalous activity and produce reports of findings
Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents
Responsible for handling security incidents reported by third parties or external security researchers
Perform root cause analysis and create post-mortem reports for security incidents
Track security events and incidents in SOAR tool
Develop and document threat driven response playbooks to support security incidents
Provide knowledge sharing, mentoring, and support of team members
Maintain current knowledge and understanding of the threat landscape and emerging security threats
Assist in creating and maintaining the Autodesk Security Response Centre's process and tools documentation
Provide support as on-call personnel during security incidents
Responsible for working in a 24/7 environment, including night shifts; shifts are assigned based on business requirements.
Maintain a high level of confidentiality and integrity.
Effectively investigate and identify root causes, then communicate findings to stakeholders, including technical staff and leadership
Author Standard Operating Procedures (SOPs) and training documentation when needed
Generate end-of-shift reports for documentation and knowledge transfer to the subsequent analysts on duty.
Must be comfortable being part of a 24x7 SOC service.
Job Requirements
Educational qualifications:
Bachelor's degree in Information Technology, Computer Science/Engineering or a related field (or equivalent).
Advanced interpersonal skills to effectively promote ideas and collaboration at various levels of the organization
One or more security-related certifications are desired: SANS (GCIH, GCFE, GCFA), AWS or Azure cloud security certifications, or equivalent
Experience:
4+ years of cyber security experience in incident response
Technical depth in one or more specialties, including malware analysis, host analysis and digital forensics
Strong understanding of Security Operations and Incident Response processes and practices
Experience with security monitoring, incident response, log analysis and forensic tools
Strong understanding of operating systems including Windows, Linux and OSX
Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools
Experience with IR and Forensic investigations within Cloud environments such as AWS and Azure
Experience with one or more scripting languages (PowerShell, Python, Bash, etc.)
Excellent critical thinking and analytical skills, organizational skills, and the ability to work as part of a team
Excellent verbal and written communication skills
Must be comfortable being part of a 24x7 SOC service.
AddRec Solutions Pvt. Ltd. © 2024 | All Rights Reserved