Staff Incident Response Analyst
Tasks
- Analyze Linux host artifacts
- Analyze VPC Flow Logs and correlate cloud events
- Analyze Windows forensic artifacts
- Analyze malware using static and dynamic methods
- Communicate incident status to Security Operations Manager
- Conduct AWS incident response using CloudTrail
- Conduct GCP incident response using Cloud Audit Logs
- Conduct structured threat hunts in SIEM
- Document investigation methodology and closure findings
- Investigate EC2 isolation and Lambda executions
- Investigate OAuth abuse and token theft
- Investigate identity provider incidents
- Lead Sev2+ incidents
- Maintain forensically sound incident timeline
- Make and document containment decisions
- Own L2 escalations
- Perform CIAM forensics
- Perform endpoint triage using EDR
- Perform memory forensics
- Reconstruct IAM chains and investigate IMDS abuse
- Reconstruct identity-based attack chains
- Review IAM policies during incidents
- Review escalation packages for completeness and accuracy
- Scope incidents and determine blast radius
- Support escalation handoffs from L2 and MDR partner
- Write detection recommendations and rule drafts
Perks/Benefits
- N/A
Skills/Tech-stack
ATT&CK | AWS | Audit Logs | CSPM | Cloud Audit Logs | Cloud audit | CloudTrail | CrowdStrike Falcon | Detection engineering | EC2 | EDR | Entra ID | Flow Logs | Forensics | GCP | IAM | IMDS | Incident Response | Lambda | Linux forensics | Malware analysis | Memory Forensics | Microsoft Entra | Microsoft Entra ID | OAuth | Okta | SIEM | SIEM correlation | SentinelOne | Threat hunting | Token Abuse | VPC Flow Logs | VPC flow | Volatility | Windows forensics | Yara
Education
N/A