Cyber Security Specialist

Responsibilities:

• Investigate, document, and report on information security issues and emerging threats.
• Provide Incident Response (IR) support when analysis confirms the actionable incident.
• Isolate affected systems, collect and analyze triage/logs, contain the incident, and provide remediation strategy.
• Gather information from various threat intel sources and initiate remediation steps to neutralize risks.
• Monitor and analyze logs and alerts from different technologies across multiple platforms to identify and triage security incidents.
• Perform threat hunting and support incidents escalated from SOC.
• Define and document playbooks, standard operating procedures, and processes.
• Document results of cyber threat analysis and prepare comprehensive hand-off or escalation for the Incident Response process.
• Utilize security tools and technologies to analyze potential threats to determine impact, scope, and recovery.
• Collaborate with internal and external stakeholders.
• Conduct detailed analysis of security-related events like Phishing, Malware, DoS/DDoS, Application-specific Attacks, Ransomware, etc.
• Communicate with key business units for recommendations on mitigation and prevention techniques.
• Research and explore the enrichment and correlation of existing data sets for deep threat analysis.
• Contribute to special projects by providing expertise, guidance, and leadership.

Qualifications:

• Technical know-how on the organization’s application, system, network, and infrastructure.
• Deep understanding of technologies and architecture in a highly scalable enterprise network.
• Proficiency with logging mechanisms of Windows, Linux, and MAC OS platforms.
• Proficiency with EDR, Anti-Virus, HIPS, NIDS/NIPS, Full Packet Capture, Network-Based Forensics, and Encryption.
• Advanced certifications such as SANS GIAC / GCIA / GCIH, CISSP or CASP, and/or IR-specific training and certification are an added advantage.
• At least 5 years of experience as a lead investigator and 2.5 years as a lead analyst in Incident Response.
• Expertise in IRP (Incident Response Playbook) creation and execution.
• Good communication skills to coordinate among various stakeholders.