Job Title: T&T I Cyber: D&R I Manager | Incident Response & Handling | Bengaluru
Job Description
Responsibilities
- Manage client engagements, with a focus on incident response and investigation. Provide both subject matter expertise and project management experience to serve as the “point person” for client engagements
- Assist with client incident scoping calls and participate in the incident from kick-off through full containment and remediation.
- Security Analytics - Efficiently distill actionable information from large data sets for reporting, hunting, and anomaly detection.
- Recommend and document specific countermeasures and mitigating controls with post incident analysis findings
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Conduct Digital Forensic and Incident Response (DFIR) analysis, network log and network PCAP analysis, malware triage, and other investigation related activities in support of Incident Response investigations
- Supervise Digital Forensics and Incident Response staff, and assist with performance reviews and mentorship of cybersecurity professionals
- Mature the Security Incident Response process to ensure it meets the needs of the Clients
- Interact with clients’ CSIRT teams to cater to continuous and/or ad-hoc client requests for Incident Response services
- Possess the experience, credibility and integrity to perform as an expert witness.
- Participate in business development activities and support pre-sales teams in identifying, marketing, and developing new business opportunities
- Assist with research and distribute cyber threat intelligence developed from Incident Response activities
- Research, develop and recommend infrastructure (hardware & software) needs for DFIR and evolve existing methodologies to enhance and improve our DFIR practice.
Skills required
- 10-14 years of Information Security experience with at least 5 years of Incident Response experience.
- Solid understanding of MITRE ATT&CK, the NIST cyber incident response framework and the Cyber Kill Chain.
- Understanding of Threat Hunting and Threat Intelligence concepts and technologies
- Experience of leveraging technical security solutions such as SIEM, IDS/IPS, EDR, vulnerability management or assessment, malware analysis, or forensics tools for incident triage and analysis.
- Deep experience with the most common operating systems (Windows, macOS, Linux, Android, iOS) and their file systems (ext3/ext4, NTFS, HFS+, APFS, exFAT, etc.)
- Proficiency with industry-standard forensic toolsets (e.g. EnCase, Axiom/IEF, Cellebrite/UFED, Nuix and FTK)
- Experience with enterprise-level cloud infrastructure such as AWS, MS Azure, G Suite, O365, etc.
- Experience with malware analysis and an understanding of attack techniques.
- CISSP, ECIH v2, GCFA, GCIH, EnCE or equivalent DFIR certification.
- Ability to work in time-sensitive and complex situations with ease and professionalism, with an efficient and versatile communication style
- Good verbal and written communication skills, excellent interpersonal skills
Abilities:
- Strong English verbal, written communication, report writing and presentations skills.
- Ability to multitask and prioritize work effectively.
- Responsive to challenging tasking.
- Highly motivated self-starter with attention to detail.
- Strong analytical skills and efficient problem solving.
- Capable of operating in a challenging and fast-paced environment.