Incident Response Analyst (Full Time)
Gurgaon, India
Milliman
Discover your path at Milliman. Learn about our uniquely independent company culture and find opportunities in the actuarial profession, risk management, software development, marketing, and more.

Job Summary
This position functions as a member of the corporate information security team and will be an integral participant in drafting and reviewing incident response process documentation. The position shall monitor threat information sources, participate in incident response and root cause analysis, and produce metrics relevant to historical events and/or incidents. The position works with local offices and their administrators to assist in accomplishing incident triage and forensic activities consistent with documented procedures for confirmed incidents. The position shall report to and work with the Information Security Manager. In addition, the position shall work with peer team members, the Asia Head, the Director of Operations & Security, and the corporate legal team.
Job Requirements
- Participate in day-to-day operations of reviewing information security incidents from various sources, coordinate response, escalation, tracking and analysis of incidents
- Participate in drafting and reviewing incident response process documentation
- Development of Incident Response dashboard and metrics as directed by manager
- Conduct advanced computer and network forensic investigations relating to various forms of malware, computer intrusion, data breaches, etc.
- Participate in threat hunting activities to proactively search for threats in the enterprise environment
- Management and monitoring of data loss prevention (DLP) initiatives
- Keep up to date on latest information security threats and countermeasures
- Recommend security enhancements and purchases consistent with information security strategy and evolving threats
- Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors
- Assist in identifying and remediating gaps as identified throughout the investigation
- Review log-based data, both in raw form and utilizing SIEM or aggregation tools
- Work with the Information Security Officer as integral member of incident response team
- Maintain an up-to-date understanding of industry best practices.
- Willingness to travel occasionally
Qualifications
- Minimum 3-4 years of relevant experience in the information security field
- In depth knowledge of Information Security incident handling and investigation procedures
- Demonstrated skills in conducting forensic analysis of digital evidence, network traffic, managing event analysis/correlation and related incident investigations
- Technical skills proficiency in the following areas: security information and event management, network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, open-source information collection)
- Excellent teamwork skills and the ability to successfully interface with other organizational groups
- Candidate must be able to effectively communicate in English (written and presentation/verbal)
- Ability to clearly and effectively communicate Information Security matters to executives, auditors and end users
- Candidate should have a passion for research, and uncovering the unknown about cyber security threats and threat actors
- Candidate should have excellent time management skills, including the ability to prepare, prioritize and complete work plans.
- Candidate should have excellent decision-making and problem-solving skills, including the ability to clearly define and resolve issues.
- Ability to work effectively and organize priorities independently
Education & Experience
- Appropriate education such as a Bachelor’s degree in Computer Science (or related engineering degree)
- Minimum 3-4 years of relevant experience in the information security field
- Working knowledge of security operations: perimeter defense, forensics, incident response, kill chain analysis, risk assessment and security metrics.
- Preferred Certifications: CISSP, CISM, CEH, CCFP
- Strong Understanding of risk-based and one or more of the following frameworks: HITRUST, NIST, PCI-DSS, Sarbanes Oxley, HIPAA, FISMA, ISO, or COBIT.
Tags: CEH CISM CISSP COBIT Computer Science DNS Firewalls FISMA Forensics HIPAA HITRUST IDS Incident response IPS Malware Monitoring NIST Risk assessment Security strategy SIEM Strategy TCP/IP
Perks/benefits: Team events