Senior Consultant-Tech Consulting-FS-CNS-TC-Cyber Risk, Compliance & Resilience-Bangalore

Cyber Security Incident Response
_x000d_ • Identity Protection
_x000d_ • Active Directory domains, identities.
_x000d_ • SIEM Management tool (e.g.: Google Chronicle, ArcSight or Splunk)
_x000d_ • Open-source tools and scripts, including YARA for malware detection, Sysinternals Suite for
_x000d_ system
_x000d_ • Python and PowerShell

Lead and develop Incident Response initiatives that improve capabilities to
_x000d_ effectively respond and remediate security incidents.
_x000d_ § Perform log analysis from a variety of sources to identify potential threats.
_x000d_ § Build automation for response and remediation of malicious activity.
_x000d_ § Works on SOAR cases, automation workflow & Playbooks.
_x000d_ § Collaborate with internal and customer teams to investigate and contain incidents.
_x000d_ § Coordinates with internal and external stakeholders for effective service delivery
_x000d_ § Train and guide junior engineers and provide adequate support whenever needed.
_x000d_ § Manage Internal Identity Protection tools and support for road-maps or OKR.
_x000d_ 30
_x000d_ § Contextualize security intelligence information so it is relevant to your business.
_x000d_ § Detect campaigns and attacks against your infrastructure and identify the actors
_x000d_ responsible.
_x000d_ § Improve and assist in automating the detection of incidents by your SOC.
_x000d_ § Provide recommendations in tuning and optimization of security systems, SOC security
_x000d_ process, procedures and policies.
_x000d_ § Maintain SIEM correlation rules for identity based detections, customer build documents,
_x000d_ security process and procedures
_x000d_ § Develop and implement threat detection and response strategies to proactively defend
_x000d_ against cyber threats.
_x000d_ § Document and communicate security incidents, vulnerabilities, and remediation efforts to
_x000d_ stakeholders.
_x000d_ § Contribute to the continuous improvement of security monitoring and incident response
_x000d_ processes and procedures.
_x000d_ § Quickly absorb and diagnosis communication challenges within and across work teams.
_x000d_ § Clearly and professionally communicate with client personnel to understand and manage
_x000d_ expectations, gather information, and present and deliver results.
_x000d_ § Undergo in internal and external audits and support for best practices to up to date with
_x000d_ security.
_x000d_ § Follow the organization’s change management process to adhere to the process integrity.
_x000d_ § Able to work effectively with other groups and teams or Operating Entities across
_x000d_ business.

_x000d_