Executive-Infosec

Education

• University degree in Computer Science/IT

Experience/ Qualifications

• 3+ years’ experience in Information Security.
• 2+ year experience in working in SOC
• Knowledge of industry recognized analysis frameworks (Kill Chain, Diamond Model, MITRE ATT&CK, NIST Incident Response, etc.)
• Knowledge of Cloud Computing Fundamentals, EDR, DLP, Firewall
• Thorough understanding of fundamental security and network concepts (Operating systems, intrusion/detection, TCP/IP, ports, etc.)
• Strong problem-solving and analytical skills, initiative driven, result oriented and ability to lead a technical team.
• Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously.

Responsibilities

• Provide technical and functional support to L2/L3 Team with analytical feedback.
• Responsible for incident investigation, evidence collection, diagnosis, recovery within defined SLA and closing incidents
• Understand information security policies and best practices in Birlasoft environments.
• Inform L2/L3 team of proactive and reactive actions to ensure adherence to security policy.
• Review and understand collected metrics from monitoring systems and be aware of patterns and anomalies.
• Perform incident response, with a primary focus of eliminating the threat to the network and determining the cause of the security incident while preserving evidence for further analysis
• Ensure incidents are handed in a manner that is consistent with established playbooks
• Monitors SIEM and logging for alerts of potential network threats, intrusions, and/or compromises
• Responsible for understanding the global threat environment and general security best practices
• Assists with triage of service requests from automated sensors and internal requests for assistance
• Participates in active cyber hunting to identify and eliminate known and unknown network threats
• Interface with technical personnel from various disciplines to rapidly resolve critical issues
• Appropriately inform and advise leadership of incidents and propose effective response and/or countermeasures for containment.
• Participate in knowledge sharing with other security engineers and partner.

Technical skills

understanding on SOC/SIEM operation

Understanding on Cloud Security Platform

Certification (Mandatory)

Certifications (Optional)

AZ 303/AZ 500