
Lead Cyber Defence Analyst

Bengaluru, KA
Job Code:
  • Banking & Finance

Job Details

Responsibilities
  • Analyse information from variable sources; leverage various toolsets to gain awareness of potentially suspicious activity.
  • Respond to cyber security incidents by collecting, analyzing and preserving digital evidence.
  • Identify and help troubleshoot anomalies.
  • Subject matter expert on security related issues.
  • Ability to aggregate and correlate alerts from systems and/or SIEM analytics tool to provide context, environmental awareness, baselines, and root cause analysis.
  • Participate and assist in identifying and responding to global security incidents.
  • Provide a point of escalation for incidents within various global regions.
  • Monitor and investigate network and system events to preemptively determine attack.
  • Perform initial investigations; identify attack vectors and mitigation tactics.
  • Collaborate with technical teams to identify, resolve, and mitigate events.
  • Ability to manage multiple incidents at a single time.
  • Monitor incidents submitted and establish correlation to broader threats when they may exist.
  • Conduct root cause analysis to identify gaps and recommendations ultimately remediating risks.
  • Communicate effectively with representatives of the business, technology specialists, and vendors.
  • Gather forensic evidence for analysis, investigation, disciplinary action or criminal investigation.
  • Conduct advanced computer and network forensic investigation functions.
  • Provide training and expertise to junior Incident Responders.
  • Participate in leadership groups throughout the company to plan and test incident response capabilities.

Experience
  • Bachelor's degree from a four-year accredited college/university, but substantial relevant experience could substitute.
  • 4 years of experience in information security related positions, preferably in Incident Management, event analysis, penetration testing.
  • Background in network/systems/physical security, authentication, authorization and usability.
  • Comprehensive knowledge of the OSI model.
  • Strong understanding of Windows, Unix/Linux operating systems, security administration, network security weaknesses, vulnerabilities and remediation, TCP/IP networking and firewall concepts.
  • Strong familiarity with security issues surrounding network computing and experience in implementation of security systems and controls.
  • Must have a thorough knowledge of information security components, principles, practices, and procedures.
  • Knowledge of security auditing processes.
  • Formal training or proportionate work experience in security tools (scanners, Intrusion Detection Systems, and security analysis tools both on the network and on host based systems).
  • Expert knowledge of information security issues, trends and leading practices.
  • A holistic understanding of attack vectors, current threats, and remediation strategies is essential for this role.
  • Experience with computer forensics concepts and procedures, investigations, collections, evidence handling, analyzing and preserving digital evidence and live response techniques.
  • Have a thorough understanding of the common and uncommon threats and vulnerabilities related to applications, architectures and databases, thin clients, thick clients, mobile and virtualized applications.
  • Must have good knowledge of general IT architecture infrastructure, web application, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development.
  • Have a firm understanding of outside security threats and risks to an information technology infrastructure and use those skills to develop custom incident response protocols as deemed necessary.

Key Behaviours / Attributes
  • Comfortable working in a dynamic environment with multiple goals.
  • Process documentation experience and excellent intra-business relationship experience. This role interacts with all levels of the organization.
  • High level critical thinking and strategic planning skills.
  • Excellent written and verbal communications, effective interpersonal skills, strong formal presentation abilities and good leadership skills.
  • Ability to deal diplomatically and effectively at all levels of the organization including both technical and non-technical, management and senior leadership.
  • Strong investigation and analytical skills.

Desirable Criteria
  • Prior experience in security development and implementation of tools is desirable.
  • Working knowledge of EnCase Enterprise is preferred.

Preferred Certifications
One or more of the following certification designations is preferred:
  • GIAC Certified Incident Handler - GCIH
  • GIAC Certified Intrusion Analyst - GCIA
  • GIAC Certified Forensic Examiner - GCFE
  • GIAC Certified Forensic Analyst - GCFA
  • Certified Information Systems Security Professional - CISSP

Additional Degree: BE/ B.Tech (Engineering) | BCA (Computer Application)

Experience: 4-9


H/W Installation/Maintenance | Hardware Design | Network Planning


© Copyright 2015 Al Nisr Publishing LLC - powered by Gulf News