Log In
Sign Up
Tier 2 Cyber Incident Response Analyst, India / Malaysia
Accountability
Work ethic – You are a consummate professional
Aptitude – You have an innate capacity to transition from project to project without skipping a
beat.
Communication – You have excellent written and verbal communication skills for coordination
across projects and teams.
Impact – You are a critical thinker with an emphasis on creativity and innovation.
Passion – You have the drive to succeed paired with a continuous hunger to learn.
Leadership – You are trusted, empathetic, accountable, and empower others around you.
Role and Responsibility
You will be in a client facing position and be responsible for leading, driving and facilitating the
resolution for critical Incidents.
Responsible for planning and coordinating all the activities required to perform, monitor, and
report on the incident Management process.
You will be point of contact for all the critical incidents and will be responsible for closure.
You would be required to lead the team in the right direction to determine root cause, propose
workaround or bypass if root cause cannot be found. Priority will be always to minimize impact
to business and operations to meet Service Level Agreement.
Initiate, schedule and conduct post incident reviews as needed and ensure to build the
knowledge.
Knowledge, Skills, and Abilities:
5-7 years of Information Security experience. Minimum 4 years in a large 24×7 Security
Operations Centre (SOC)
Correct root cause analysis as well identify suitable corrective steps.
Perform deep packet analysis, collection of IOC (Indicator of Compromise).
Threat mitigation and reporting are top priority for this position.
Advanced working skills with Microsoft Sentinel, Qradar, LogRhythm, Arcsight and
Splunk etc. Relevant certification is a plus. Good working knowledge with SOAR and EDR
tools.
Investigate and respond to security incidents. Document and report on information
security issues
Investigate, document, and report on information security issues and emerging trends
Monitor for threats, analyze, and escalate as per process.
Review, triage security alerts, provide analysis, suggest remediation, track
remediation.
Support in resolving security incidents.
Knowledge of network data flows, ports, protocols, and other network and application
services/technologies.
Respond to incidents by collecting, analyzing and preserving digital evidence to assist
with remediation of critical information security incidents.
Ability to write technical documentation and present technical briefings to diverse
audiences.
Strong understanding of threat landscape in terms of the tools, tactics, and techniques
of threats employing both commodity and custom malware.
Current knowledge of security threat intelligence and recent attack vectors
Knowledge on ITIL processes
Relevant security certification will be a plus.
Basic knowledge about AWS and Azure
Security events, incident review and triage experience with Endpoint Detection and
Response (EDR) tools
Ability to conduct detailed analysis of various security related events like Phishing,
Spoofing, Ransomware and SQL Injections etc.
Incident Response experience (identifying, investigating, and responding to complex
attacks)
Excellent Communication skills
