SOC Incident Responder
AHMEDABAD, GUJARAT, India
Adani Group
- Provide first-line response to customer alerts and ensure internal security teams are alerted
- Handle day-to-day operations to monitor, identify, triage and investigate security events from endpoint (EDR), network and cloud security tools, detect anomalies, and report remediation actions
- Responsible for detecting and responding to security incidents, coordinating cross-functional teams to mitigate and eradicate threats
- Responsible for triaging security incidents and conducting response actions to detect, contain and remediate identified security incidents
- Analyze firewall, server, and application logs to investigate events and incidents for anomalous activity and produce reports of findings
- Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents
- Responsible for handling security incidents reported by third parties or external security researchers
- Perform root cause analysis and write post-mortem reports for security incidents
- Track security events and incidents in the SOAR tool
- Develop and document threat-driven response playbooks to support security incidents
- Provide knowledge sharing, mentoring, and support of team members
- Maintain current knowledge and understanding of the threat landscape and emerging security threats
- Assist in creating and maintaining the Autodesk Security Response Centre's process and tools documentation
- Provide support as on-call personnel during security incidents
- Work in a 24/7 environment, including night shifts; shifts are assigned based on business requirements
- Maintain a high level of confidentiality and integrity
- Investigate effectively, identify root causes, and communicate findings to stakeholders including technical staff and leadership
- Author Standard Operating Procedures (SOPs) and training documentation when needed
- Generate end-of-shift reports for documentation and knowledge transfer to the analysts on the next shift
- Should be comfortable being part of 24*7 SOC services
Educational qualifications:
- Bachelor’s degree relevant to Information Technology, Computer Science/Engineering (or equivalent).
- Advanced interpersonal skills to effectively promote ideas and collaboration at various levels of the organization
- One or more security-related certifications are desired, such as SANS (GCIH, GCFE, GCFA), AWS or Azure cloud security certifications, or equivalent
Experience:
- Minimum 3 years of cyber security experience in incident response, and 7 to 13 years of overall experience in cyber security
- Technical depth in one or more specialties, including malware analysis, host analysis and digital forensics
- Strong understanding of security operations and incident response processes and practices
- Experience with security monitoring, incident response, log analysis and forensic tools
- Strong understanding of operating systems including Windows, Linux and OSX
- Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools
- Experience with IR and Forensic investigations within Cloud environments such as AWS and Azure
- Experience with one or more scripting languages (PowerShell, Python, Bash, etc.)
- Excellent critical thinking and analytical skills, organizational skills, and the ability to work as part of a team
- Excellent verbal and written communication skills
- 5.5 Working Days
Tags: Active Directory AWS Azure Bash Cloud Computer Science EDR Firewalls Forensics GCFA GCFE GCIH Incident response Linux Log analysis Malware Monitoring PowerShell Python SANS Scripting SIEM SOAR SOC Windows
Perks/benefits: Team events