Senior Consultant-Tech Consulting-FS-CNS-TC-Cyber Risk, Compliance & Resilience-Bangalore
Bengaluru, KA, IN, 560001
EY
With our four integrated business areas (audit and audit-related services, tax advisory, management consulting, and Strategy and Transactions) and our industry knowledge, we support our clients in...
Cyber Security Incident Response
• Identity Protection
• Active Directory domains, identities.
• SIEM management tools (e.g., Google Chronicle, ArcSight or Splunk)
• Open-source tools and scripts, including YARA for malware detection, Sysinternals Suite for
system
• Python and PowerShell
§ Lead and develop Incident Response initiatives that improve capabilities to
effectively respond to and remediate security incidents.
§ Perform log analysis from a variety of sources to identify potential threats.
§ Build automation for response and remediation of malicious activity.
§ Work on SOAR cases, automation workflows and playbooks.
§ Collaborate with internal and customer teams to investigate and contain incidents.
§ Coordinate with internal and external stakeholders for effective service delivery.
§ Train and guide junior engineers and provide adequate support whenever needed.
§ Manage internal Identity Protection tools and provide support for roadmaps or OKRs.
§ Contextualize security intelligence information so it is relevant to your business.
§ Detect campaigns and attacks against your infrastructure and identify the actors
responsible.
§ Improve and assist in automating the detection of incidents by your SOC.
§ Provide recommendations in tuning and optimization of security systems, SOC security
process, procedures and policies.
§ Maintain SIEM correlation rules for identity-based detections, customer build documents,
security processes and procedures.
§ Develop and implement threat detection and response strategies to proactively defend
against cyber threats.
§ Document and communicate security incidents, vulnerabilities, and remediation efforts to
stakeholders.
§ Contribute to the continuous improvement of security monitoring and incident response
processes and procedures.
§ Quickly absorb and diagnose communication challenges within and across work teams.
§ Clearly and professionally communicate with client personnel to understand and manage
expectations, gather information, and present and deliver results.
§ Undergo internal and external audits and support best practices to stay up to date with
security.
§ Follow the organization’s change management process to maintain process integrity.
§ Work effectively with other groups, teams or Operating Entities across the
business.
Tags: Active Directory ArcSight Audits Automation Compliance Incident response Log analysis Malware Monitoring OKR PowerShell Python SIEM SOAR SOC Splunk Threat detection Vulnerabilities