- Manage day-to-day operations of reviewing SIEM alerts and other vulnerability management tools. Ensure that all the various environments within the Client have adequate scans and assessments performed.
- Research and recommend mitigation strategies for current and future threats relevant to the Client's environment.
- Participate in security incident response process when required.
- Support the Security Management Lifecycle, including real-time monitoring, incident investigation, research, correlation, trending, and remediation. Set up and configure SIEM, including data analysis, rule creation, establishing thresholds, reference lists, and other duties. Set up, investigate, and perform advanced troubleshooting of log transport agents.
- Work with Client technology owners and platform leads to ensure vulnerabilities and issues are patched and remediated on time.
- Oversee the implementation and management of operational security reporting activities.
- Regularly meet with the internal team to review security reports, status, risks, issues, incidents, and outstanding activities.
- Vulnerability Management, Malware analysis, Threat hunting and assist in forensic analysis.
- Managing stakeholder expectations and assisting in the reduction of the impact of a cybersecurity event or incident.
- Contribute to maintaining the knowledge base/playbooks by updating procedural documentation. Actively participate in process improvement with other team members and the wider team.
- Maintain detailed knowledge of the clients' environment(s), where applicable, by maintaining and updating relevant documentation.
- Provide proactive, constant, and clear communication on the status of incident/problem resolution between the client, NTT, and any other third-party supplier and vendors.
- Perform post-mortem analysis with logs, network traffic flows, and other recorded information to identify intrusions by unauthorised parties, as well as unauthorised activities of authorised users.
- Manage the prevention and resolution of security breaches and ensure that the required incident and problem management processes are initiated to ensure compliance to policy.
- Conduct presentations of security breach findings to the business and advise on new measures required to prevent recurrence of similar breaches.
What would make you a good fit for this role? (Mandatory skills)
- Experience working in a Security Operations Centre.
- Demonstrated genuine interest in and passion for cybersecurity; incident problem solving is a must.
- Working knowledge of security operations environments and security incident management & response handling.
- Hands-on experience in managing Splunk and other SIEM logging solutions such as Microsoft Sentinel, ArcSight, LogRhythm.
- Hands-on knowledge of creating use cases within a SIEM solution, including advanced correlation rules.
- Creating custom dashboards based on the client's security landscape.
- Ability to filter through false positives quickly and focus on true positives.
- Analyse and fine-tune SIEM rules/policies on a regular basis.
- Hands-on experience in analysing SIEM alert payloads to detect any malicious activity.
- Hands-on experience in managing Vulnerability Management solutions like Qualys and Tenable.
- Hands-on experience analysing logs/events from SIEM solutions and other infrastructure.
- Expertise in interpreting and querying Wireshark captures.
- Experience in managing security incident detection and response, and threat hunting capability with knowledge of Kill Chain methodology.
- Experience in triaging threat feeds and working towards mitigation exercises.
- Experience in reviewing vulnerability and product bug reports and relating their impact to the Client's environment.
- Good understanding of Digital Forensics concepts and the process followed therein.
- Operational knowledge of security compliance tools like AlgoSec, FireMon, Skybox or Tufin.
- Previous experience working on firewalls from Palo Alto, Check Point, Cisco and web security solutions, and endpoint security solutions like McAfee, Symantec, Trend Micro, FireEye.
Required Experience:
- Extensive experience in the technology information security industry.
- Prior experience working in a SOC/CSIRT for at least - years
- Good hands-on experience with SIEM, mainly Splunk.
- Good hands-on experience with vulnerability management tools.
- Tertiary qualifications or a passionate ethical hacker.
- Experience using End Point Protection Software.
- Experience with Enterprise Detection & Response software.
- Knowledge of malware analysis, hacking techniques, latest vulnerabilities, and security trends.
- Preferably an interest, or knowledge of, or experience with SIEM and IPS technologies.
- Knowledge of network technologies including routers, switches, firewalls.
Cybersecurity Incident Response Engineer - Bangalore, India - Global Pharma Tek
Description
Primary Skill Set - SOC - Splunk, Qualys, SIEM
Location – Bangalore
Shift – /
Notice Period – Immediate to month
Experience – + years
Relevant Experience – + years
Job Profile Summary
The Cyber Security Incident Response (CSIR) team is essential in providing an orchestrated and rapid security incident response capability with an oversight of security incident response across wider NTT Managed Security Services clients. The CSIR team utilises various security technologies to identify alerts, prioritise and investigate security issues in a fast-paced environment while maintaining communication with internal and client stakeholders.
For a CSIR engineer, the typical day can vary greatly depending on the specific position. They may begin their day by looking over dashboards and reports from the previous day or shift, including checking for any new threats and identifying malware that may have infiltrated the system. They also prepare for and respond to system breaches or attacks. These processes might differ between Clients, but they generally include responding to hacks or network insecurities and working to prevent new ones.
You will also be required to participate in a shift roster, which may comprise shifts during business hours and after hours.
Your key responsibilities will include but are not limited to: