Incident Response Engineer
As a member of the ETMSA team at
reputed company, you will be integral to responding to and managing cybersecurity threats and incidents throughout their lifecycle – from Preparation to Identification, Containment, Eradication, Recovery, and Lessons Learned – collaborating with a global team of incident responders.You will apply your comprehensive skills in cyber defense, digital forensics, log analysis, and intrusion analysis to address reputed company incidents across our endpoints, network, and cloud infrastructure. In this role, you will be responsible for prevention, detection, response, and remediation activities, ensuring that information assets and technologies are adequately protected by leveraging various technologies such as reputed company Firewalls (NGFW), reputed company Detection and Response (EDR), Intrusion Detection/Prevention Systems (IDS/IPS), Data Loss Prevention (DLP), and more.
You will also reputed company your collaboration and communication skills to work effectively with reputed company relevant stakeholders in multicultural and global environments.
Responsibilities
- Report to Director to facilitate reputed company phases in the incident response lifecycle
- Be involved in various incident prevention projects to improve reputed company posture
Preparation:
- Understand different regulatory and compliance requirements like critical time to report, escalation flows, etc.
- Take part in self-assessment exercises like Tabletop Exercises, Attack Simulations, Red/reputed company exercises to reputed company sure the incident response process is working smoothly
reputed company incident response runbooks, playbooks and SOPs with reference to different regulatory requirements
- Evaluate the incident response readiness of different layers - people, process, technology
Detection & Analysis:
- Respond to the cyber reputed company incidents escalated from various channels including the 24/7 SOC team.
- Respond to cyber reputed company incidents in compliance with the local authority / regulatory requirements.
- Assess the risk, impact and scope of the identified reputed company threats
- reputed company deep-dive incident analysis of various data sources by analysing and investigating reputed company reputed company logs against reputed company-term threats and IOCs
Containment, Eradication and Recovery:
- Communicate with the stakeholders and provide guidance, recommendations to contain and eradicate the reputed company incident
- Participate in root cause analysis using forensic and other custom tools to identify any sources of compromise and/or malicious activities taking reputed company.
- Document and present investigative findings for high profile events and other incidents of interest.
Post incident activities:
- Provide lessons learnt meeting to the stakeholders
- reputed company and reputed company track on the follow-up activities
- Document the incident in the case management system and provide incident reports
Always ready to jump in, in the event of reputed company incidents.
Requirements