Manager Cyber Defence/Cybersecurity/Information Security
Experience: 8 to 12 Years
CTC: Upto 40 LPA
Location: Mumbai
Requisite Qualification :
- Graduate/PG in any discipline (Preferably in IT / Computer Science)
- Relevant industry certifications such as SANS GIAC / GCIA / GCIH / CISSP / OSCP, CEH, and or SIEM-specific training and certification will be an added advantage.
- Preferred: SIEM-specific training and certification will be an added advantage.
Experience :
- Overall 8 -10 years in Cybersecurity domains, relevant experience in incident response and investigations 5-6 Years.
- Must have 2-3 years of SOC experience.
- Knowledge of the SOC infrastructure and logging mechanisms of various technologies used in an organization.
- Good knowledge and understanding of SIEM technologies.
- Very good understanding of the cycle of cyber threats, attacks, attack vectors, and various methods of exploitation.
- A preferred Candidate who is handling a Cyber defence portfolio will be preferred.
Responsibilities :
- Develop and sustain incident response strategy covering the complete organization from policy, procedure, and playbooks perspective.
- Be a point of contact in case of an incident and manage incidents from detection to closure, post-incident analysis and further communication to all relevant stakeholders to prevent any further damage.
- Planning and executing threat hunting will be the primary focus of this role along with in-depth investigation and support to incidents escalated from SOC.
- Leading the technical and incident responders into cybersecurity and taking responsibility for the timely identification of threats and minimizing the same.
- Ensuring the completion of post-incident reviews, assessing the effectiveness of controls, detection and response capability, and supporting the required improvement in people, process and technology.
- Experience in conducting cyber incident drills.
- Collaborated with internal and external stakeholders (as applicable) for incident response and investigation
- Deep understanding of the technologies such as Next gen AV, EDR, and Vulnerability Management, HIPS, NIDS, Web proxy, DNS, DHCP, AD, Databases, Full packet capture, host-based & network-based forensics and encryption.
- Technical know-how on the organization's network, application, Data, systems and infrastructure.
- Be the Subject Matter Expert (SME) on incident response processes, tools and approaches to the wider team and other stakeholders.
- Must be able to conduct a detailed analysis of various security-related events like Phishing, Malware, DoS/ DDoS, Application specific attacks, Ransomware etc.
- Creation of reports, dashboards, metrics related to the security incidents and presentation to Senior Management.
- Experience working in large scale complex environment
- Think about cyberattacks and propose remedial steps based on the attack pattern.
- Broad level of knowledge of security technologies.
- Excellent knowledge of methodologies, processes and tools associated with supporting this function effectively.
Didn’t find the job appropriate? Report this Job