Senior Analyst, Incident Response Pune

How will you make an impact:

• Serve as key escalation tier (level 2 analyst) for on-call incident response resources

• Perform complexed investigations as a part of Edwards active security monitoring and threat hunting operations within SLAs

• Drive and design response and remediation actions to protect against security threats in Edwards environments and products

• Lead data ingestion efforts from identifying gaps onboarding data sources tuning and correlating them

• Lead the design testing and implementation of detection use cases to production

• Help drive threat hunting program

• Responsible for operations and maintenance of key cyber security capabilities and services in Detection Response area SIEM (Google SecOps Splunk Qradar etc) Log Collectors (WEF Cribl NXLog etc)

• Design automation workflows to streamline detection and response efforts

• As needed participate in CIRT team efforts

• Provide coaching mentoring and knowledge transfer to other team members

• Document and maintain incident response technical playbooks and incident timelines

• Staying informed on the evolving cybersecurity threat landscape to drive innovative detections threat hunts and automations to drive Edwards security posture

What youll need (Required):

• Bachelors Degree in related field with 4 years of previous related experience or equivalent work experience based on Edwards criteria

What else we look for (Preferred):

• Previous related experience in Information Security SOC CIRT or SIEM teams

• Participation and leading information security incident handling efforts

• Provide and build detailed investigation timelines including documentation improvements and recommended action items

• Expert with Google SecOps or other SIEM solutions (Splunk Qradar etc)

• Expert with log collectors management (WEF Cribl NXLog etc) parsing experience

• Experience with SOAR platforms operations (Torq PaloAlto XSOAR etc)

• Experience with threat hunting operations and/or design

• Certifications in related discipline preferred (e.g. CEH CISM CISSP)

• Expert of IR concepts data tuning SIEM forensics cloud monitoring

• Knowledge of common attack vectors and methods MITRE framework

• Scripting experience preferred

• Proficient analytical and problem-solving abilities to identify and mitigate potential security risks

• Strict attention to detail

• Ability to partner with other information security and IT experts for escalation of security alerts and onboarding log sources

• Substantial understanding of troubleshooting techniques with the ability to adapt and learn new technologies

• Ability to provide guidance to assigned teams on implementing information security standards and designs

• Excellent organization and time management skills

• Excellent verbal and written communication skills