Cyber MS MDR OT Security Specialist - Assistant Manager

Bangalore, Karnataka, India

KPMG India

Function: KGS MDR Team

Position: Level 3 Assistant Manager

Location: Bangalore


Roles & Responsibilities

As a Level 3 Security Analyst, you will serve as a subject matter expert within the Security Operations Center (SOC), responsible for managing advanced threats, incident escalations, and forensic investigations. You will lead efforts in root cause analysis, threat intelligence, and incident response, while supporting the development of SOC processes and tools.


Key responsibilities include:

  • Lead investigations of escalated security incidents from L1 and L2 teams.
  • Lead client discussions on continuous tuning efforts and operational reviews.
  • Perform breach analysis and trace activities associated with advanced threats.
  • Conduct forensic analysis of network traffic, host-based alerts, and system images.
  • Provide specialized OT incident response for threats targeting:
    • ICS/SCADA systems.
    • PLCs, HMIs, RTUs, and other industrial assets.
  • Investigate and respond to threats exploiting OT-specific protocols: Modbus, DNP3, BACnet, PROFINET, OPC UA, etc.
  • Experience with Claroty is an added advantage.
  • Monitor and interpret threats using IDS, firewalls, SIEM, and other security tools.
  • Collaborate with SIEM Engineers to refine use cases and improve threat detection.
  • Handle high and critical severity incidents per SOC playbooks.
  • Support threat hunting initiatives and incident response handlers.
  • Develop and maintain SOC processes and documentation.
  • Coordinate evidence gathering and review incident reports.
  • Produce technical after-action reports and contribute to lessons learned.

Must-Have Skills
  • Experience:
    • 8+ years in Information Security, System Administration, or Network Engineering.
    • 5–6 years in Incident Response & 3–5 years working with SIEM tools (e.g., Microsoft Sentinel, Splunk, LogRhythm, Chronicle).


  • Technical Expertise:
    • Advanced scripting: PowerShell, Bash, Cisco IOS.sh, Perl, Lua, etc.
    • Familiarity with IDS/IPS and firewalls (Snort, Cisco, FortiGate).
    • Packet analysis and capture tools.
    • Deep understanding of TCP/IP, OSI Model, and network protocols.
    • Malware analysis and reverse engineering techniques.
    • Windows and Unix-based systems architecture knowledge.
    • LAN/WAN technologies and network security devices.


  • Certifications (at least one preferred):
    • Security+, CEH, Network+, CISM, CISSP, GIAC (GCIA, GCIH, GREM).

Good-to-Have Skills

  • Experience with vulnerability/penetration testing tools (e.g., Metasploit, Kali Linux, Nmap).
  • Understanding of SIEM solution design and configuration.
  • Familiarity with ITSM/ticketing tools.
  • Strong analytical, communication, and client-facing skills.
  • Ability to work under pressure and meet deadlines in fast-paced environments.
  • Flexibility to work nights, weekends, or holidays during incident emergencies.
  • Customer-oriented mindset with a proactive approach to problem-solving.

Qualifications

  • Bachelor’s or Master’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or a related field.
  • Minimum 5 years of experience in MDR/SOC/Incident Response environments.
  • Proven ability to work creatively and analytically in a problem-solving environment.
  • Demonstrated ability to support tier-1 to tier-3 SOC environments.