- Role: Cyber Security Analyst, Forensic and IR
- Location: Navi Mumbai
- Exp: 4 to 10 Years
Job Accountabilities
- Plan and oversee daily activities of forensic analysts and incident responders
- Conduct forensic investigations, identify systems of interest and direct data acquisition, analysis and containment measures
- Conduct network forensics, intrusion analysis, malware analysis and reverse engineering, and threat intelligence fusion (wherever possible/required) to identify the root cause / patient zero
- Build knowledge and skills within the team on the latest forensic tools, endpoint threat detection tools, technologies and techniques on an ongoing basis
- Work with red team/penetration testing teams to strengthen detection and response measures for advanced attacks and contribute to the knowledge base of the Cyber Defence Center
- Able to conduct manual investigation of cyber incidents by correlating logs and events from multiple devices, servers, etc.
- Able to develop standard operating procedures and playbooks for Cyber Incident Response
- Contribute to enhanced detection capabilities of the CDC using threat intelligence, and drive innovation and efficiency of the Cyber Defence Center by leading automation initiatives
- Be responsible for the accuracy and timeliness of forensic investigations, incidents and examinations, and provide relevant reports, dashboards and metrics for periodic reviews and management presentations
- Coordinate with stakeholders; build and maintain positive working relationships with them
Skills Required (Knowledge and Skills)
Technical competencies:
- Deep knowledge of OS internals (Windows, Linux), Active Directory, typical vulnerabilities and misconfigurations and the associated exploitation techniques, and scripting
- In-depth practical knowledge of and experience in applying TTPs and the MITRE framework to securing an enterprise environment
- Working knowledge of at least one EDR and one SIEM tool (commercial or open source)
- Expertise in server and mobile forensic tools such as Autopsy, FTK, EnCase, Oxygen, Cellebrite, Wireshark, RAM analysis and registry analysis tools, etc.
- Significant experience in investigating complex, multi-location security breaches and creating detailed forensic investigation reports and presentations for a variety of stakeholders
- Experience of rapid rule development in response to newly released attacks and IOCs will be a plus
- Research bent of mind and passion for keeping up to date with the latest threat landscape and adversarial techniques
Non-technical competencies:
- Logical thinker with attention to detail
- Strong collaborative skills and proven ability to work in a diverse team of security and IT professionals
- Process-oriented
- Meticulous and methodical approach to documentation
- Good interpersonal skills to interact with and gather relevant information from a variety of stakeholders, such as IT, Network and Security teams
- Excellent verbal and written English
- Ability to work calmly and patiently in high-pressure situations in a dynamic environment
Key Attributes (Experience and Qualifications)
- BE/ from a reputed/recognized institute
- 5-8 years of relevant experience in forensics, incident analysis and investigation
- Excellent verbal and written communication skills and customer management skills
- Certification such as CHFI, GCIH or GCFA would be an advantage (desired)
Required Experience:
IC