Position Summary:The SOC Incident Responder is responsible for performing in-depth and advanced analysis of incidents escalated by the Detection team, ensuring adequate containment, remediation, and eradication to effectively close the incident. They continuously focus on refining incident response plans and improving security measures based on lessons learned from past incidents.Job Description:Support cyber incident response actions to ensure proper assessment, containment, mitigation, and documentation. Perform in-depth analysis and investigative efforts when events are escalated and determine next appropriate containment/remediation/eradication efforts. Assist with defining and updating incident response playbooks to ensure tasks align with best practice. Identify and propose areas for improvement within the Security Operations Centre. Responsible for driving execution of daily, weekly, and monthly metrics for statistical threats and KPIs. Coordinate with global stakeholder along with the Senior management during contingency scenarios/ high severity incidents to ensure responsive actions are communicated in timely manner. Research and evaluate new technologies like Anti APT solutions, SOAR, Deception technologies, Big Data forensic analytic tools, and assist in implementation of the same.Profile Description:Should have 8-11 years of specific Information Security experience. Should have subject matter expertise in relevant areas, such as Incident Response, Forensic analysis, Malware analysis, Intrusion analysis and Crisis Management. Strong working knowledge on security tools, such as SIEM,AV ,Vulnerability scanners, Proxies, WAF, Net flow, IDS and Forensic Tools. In-depth knowledge of malware families and network attack vectors Demonstrated experience with endpoints telemetry, Malware analysis tools, Exploit kits and SIEM platforms. Demonstrated experience in an enterprise-level incident response team or security operations centre. Log (network, security, access, OS, application, etc. ) analysis skills and experience in relation to identifying and investigating security incidents. Strong knowledge of Operating System Internals (Linux, Windows. Etc) Should be familiar with security engineering practises, web/Application security, Cloud Security. Should have Scripting knowledge (PowerShell, Python,Vbscript..etc) Have sound analytical and problem solving skills Preferable be a GIAC, CISSP, CEH certified Professional Experience in product suites like Mcafee, Fireye, Crowd Strike, Cylance etc.We are Mindsprint!A leading-edge technology and business services firm that provides impact driven solutions to businesses, enabling them to outpace speed of change. For over three decades we have been accelerating technology transformation for the Olam Group and their large base of global clients.Working with leading technologies and empowered with the freedom to create new solutions and better existing ones, we have been inspiring businesses with pioneering initiatives.Awards bagged in the recent years:Best Shared Services in India Award by Shared Services Forum – 2019 Asia’s No.1 Shared Services in Process Improvement and Value Creation by Shared Services and Outsourcing Network Forum – 2019 International Innovation Award for Best Services and Solutions – 2019 Kincentric Best Employer India – 2020 Creative Talent Management Impact Award – SSON Impact Awards 2021 The Economic Times Best Workplaces for Women – 2021 & 2022 #SSFExcellenceAward for Delivering Business Impact through Innovative People Practices – 2022For more info:
Job Title
Security Operations Center Analyst