Posted By

Vineeth V S

Senior Recruiter at EY

Last Login: 27 December 2016

Job Views: 4534
Applications: 22
Recruiter Actions: 18

Posted in

IT & Systems

Job Code

399106

EY - Lead Analyst - Forensic Investigation - Cyber Defense Response Center

8 - 20 Years. Kerala/Others
Posted 7 years ago

Cyber Defense Response Center (CDRC)

Lead Analyst - DFIR

This role will work collaboratively with team members and managers to respond to and resolve information security incidents, maintain and follow procedures for security alerting, and participate in security investigations. The role should be capable of identifying threat and incident vectors, and of developing documentation to support the incident response process. It is also responsible for the activities of the security program, including event detection, event triage, event reporting and follow-up activities, and it articulates security issues and recommendations to IT project teams and management.

Essential Functions of the Job :

- Contributes to the creation and maintenance of the enterprise's security architecture design and security documents (policies, standards, baselines, guidelines, and procedures)

- Contributes to the integration and initial configuration of all new security solutions, and of any enhancements to existing security solutions, in accordance with standard best operating procedures generally and the enterprise's security documents specifically, by taking direction from management and teaming efficiently with peers.

- Proactively identifies potential information security problem areas and proposes recommendations that would minimize IT security violations

- Conducts studies of industry trends and developments, enabling active assistance in identifying and prioritizing security-related requirements, promoting secure-by-default designs, and ensuring that information systems and infrastructure are secured throughout the system development life cycle

- Documents security findings, reports them to management, and validates that remediation has been completed and that the documented steps were followed

- Contributes to providing the mandatory and recommended IT security controls so that they are appropriately implemented in the infrastructure and information systems across the firm

Analytical/Decision Making Responsibilities:

- Contributes to maintaining the confidentiality, integrity, and availability of the data residing on or transmitted to, from or through enterprise workstations, servers, and other systems, and in databases and other data repositories, by following and enforcing IT security standards, policies and procedures

- Recognizes successful intrusions and compromises through review and analysis of relevant event detail information.

- Engages in ongoing communications with peers in the Systems and Networking groups, as well as the various business groups, to allow for enterprise-wide understanding of security goals, to solicit feedback and to foster cooperation

- Able to weigh general business needs against the security concerns being seen across the enterprise and industry, and to articulate issues to supervisors

- Assists in incident determination, ticketing and incident response, prevention and remediation

- Translates technical vulnerabilities into business risk, enabling senior leadership to make informed decisions.

Knowledge and Skills Requirements:

- Undergraduate/postgraduate degree in Computer Science or Engineering or a related domain (MCA/MTech/BTech/BCA/BSc CS or BSc IT).

- Maintains up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors

- Experience in enterprise security architecture design and document creation

- Strong knowledge of enterprise incident response and forensic processes.

- Fair understanding of Linux, TCP/IP, network security, encryption standards, etc.

- Awareness of attack types (DoS, DDoS, etc.)

- Digital forensics acquisition and analysis subject matter expertise

- Awareness of log monitoring.

- Familiarity with penetration testing and application testing methodologies and tools is a definite plus.

- Knowledge in application development (Microsoft technologies).

Soft Skills:

- Excellent communication skills; written and verbal.

- Good attitude.

- Good presentation skills.

- Good investigative, analytical and problem-solving skills.

- Ability to work in a team, with little supervision and on own initiative.

8+ years' experience in one or more of the following:

- Security Information and Event Management (SIEM) tools.

- Incident Handling and Incident Response.

- Vulnerability assessment.

- Deep understanding of the following: firewalls, intrusion detection and prevention systems, antivirus and content filtering, URL filtering, authentication solutions, switches, routers, VoIP, DMZ.

- Experience in enterprise security architecture design and document creation

- Knowledge of Linux and scripting languages (shell script, VBScript, Python, etc.) is a definite plus.

- Experience with Splunk Enterprise Security is also a plus.

Supervising Responsibilities:

- Provides coaching, guidance, assistance, and mentoring to less experienced team members within a location or department

- Helps the team and colleagues understand the bigger picture of technical, ethical and financial needs.

- Requires minimal supervision from management and frequently works on projects with only periodic updates to the supervisor

- May seek guidance on increasingly complex projects.

Other Requirements:

- Should be willing to work in shifts (24/7)

Certification Requirements:

- CISSP/CCFP or Associate (ISC)2 certified/qualified

- GIAC Certifications like GCIH/GCFA
