Staff Incident Response Analyst
Tasks
- Analyze Linux host artifacts
- Analyze VPC Flow Logs and correlate cloud events
- Analyze Windows forensic artifacts
- Analyze malware using static and dynamic methods
- Communicate incident status to Security Operations Manager
- Conduct AWS incident response using CloudTrail
- Conduct GCP incident response using Cloud Audit Logs
- Conduct structured threat hunts in SIEM
- Document investigation methodology and closure findings
- Investigate EC2 isolation and Lambda executions
- Investigate OAuth abuse and token theft
- Investigate identity provider incidents
- Lead Sev2 plus incidents
- Maintain forensically sound incident timeline
- Make and document containment decisions
- Own L2 escalations
- Perform CIAM forensics
- Perform endpoint triage using EDR
- Perform memory forensics
- Reconstruct IAM chains and investigate IMDS abuse
- Reconstruct identity based attack chains
- Review IAM policies during incidents
- Review escalation packages for completeness and accuracy
- Scope incidents and determine blast radius
- Support escalation handoffs from L2 and MDR partner
- Write detection recommendations and rule drafts
Perks/Benefits
- N/A
Skills/Tech-stack
ATTACK | AWS | Audit Logs | CSPM | Cloud Audit Logs | Cloud audit | CloudTrail | CrowdStrike Falcon | Detection engineering | EC2 | EDR | Entra ID | Flow Logs | Forensics | GCP | IAM | IMDS | Incident Response | Lambda | Linux forensics | Malware analysis | Memory Forensics | Microsoft Entra | Microsoft Entra ID | OAuth | Okta | SIEM | SIEM correlation | SentinelOne | Threat hunting | Token Abuse | VPC Flow Logs | VPC flow | Volatility | Windows forensics | Yara
Education
N/A
Related jobs
-
Mid-level Full TimeRemote - India R19h ago
-
Principal Engineer - IGA I On-site, Bangalore INR 2000K-3465KABAC | API Integrations | AWS | Access Certification | Access GovernanceInclusive culture | Professional training resources | Remote work options | Volunteer opportunities | Work-life balanceSenior-level Full TimeBangalore, India R1d ago
-
Threat Intelligence Senior Analyst INR 1971K-3000KAlert triage | Credential theft | Cyber Threat | Cyber Threat Monitoring | Detection and ResponseFlexible hybrid work model | Health and life insurance | Paid time off | Personal and family care leaves | Retirement benefitsSenior-level Full TimeHyderabad, India R1d ago
-
Senior Security Engineer - Remote, India - 8AM - 5PM EST INR 1500K-3200KAmazon Web Services | Anti-virus | Barracuda | Cause analysis | Cloud SecurityFlexible schedule | Remote workSenior-level Full TimeBangalore, Bangalore R2d ago
-
Manager, Information Security INR 800K-1200KAdvanced threat protection | Data Loss Prevention | Data loss | Firewalls | IDSIPSMid-level Full TimeBengaluru, KA, India R3d ago
-
Offensive DevSecOps Engineer INR 1567K-4600KAPI Security | AWS | Application exploitation | Authentication bypass | AzureFlexible benefits package | Hybrid work model | Work from home optionsSenior-level Full TimeChennai, India R6d ago
-
Product Security Architect INR 1567K-5710KAI Security | API Design | AWS | Adversarial inputs | AuthenticationHybrid work model | Remote work option | Work from home flexibilitySenior-level Full TimeChennai, India R6d ago
-
Security Analyst L1 INR 800K-1250KAwareness Training | Cloud apps | CrowdStrike | Data Loss Prevention | Data lossMid-level Full TimeHyderabad, Telangana, India - Remote R7d ago
-
Security Architect INR 2932K-4000KAI Foundry | Access Control | Architecture Diagrams | Azure | Azure AISenior-level Full TimeHyderabad, Telangana, India - Remote R8d ago
-
Detection Engineer (Remote) INR 1228K-1680KAlert prioritization | Atomic Red Team | CrowdStrike Falcon | Defender for Endpoint | EDRRemote workMid-level Full TimeMaharashtra, Pune, India R9d ago
-
Incident Response Associate INR 850K-1039KCase management | EDR | Email Security | Incident Response | Quality AssuranceFlexible hybrid work model | Health insurance | Life insurance | Paid time off | Pension/retirement benefitsMid-level Full TimeChennai, India R9d ago
-
Product Security Engineer 3 INR 1244K-1890KAI Security | API Top 10 | AWS | Authentication & Authorization | AzureMid-level Full TimeBangalore, India R9d ago
-
Senior Principal Threat Researcher INR 2829K-4500KAI for security | AWS IAM | Access Management | Active Directory | Anomaly DetectionGlobal travel | Hybrid workSenior-level Full TimeBengaluru R10d ago
-
Security & Audit Solution Architect INR 2000K-3500KAI Security | AWS | Access Management | Detection and Response | DevSecOpsOffice-based option | Remote work optionSenior-level Full TimeVirtual Office (Telangana), India R10d ago
-
Sr. Threat Researcher (Remote, IND) INR 1500K-4600KArtificial Intelligence | Automation Pipelines | Binary Analysis | C++ | CassandraCompetitive vacation and holidays | Employee networks | Paid adoption leave | Paid parental leave | Professional developmentSenior-level Full TimeIND MH Remote, India R10d ago
-
Cyber Security Strategist INR 2695K-3500KAWS | CCSP | CISM | CISSP | Cloud platformFlexible work | Hybrid work | Inclusive safe workplace | Remote work | Volunteer leaveSenior-level Full TimeVadodara, Gujarat, India - Remote R14d ago
-
Manager - Cyber Operations I On-site, Bangalore INR 2500K-3500KCISM | CISSP | Capacity Planning | Cause analysis | Communication skillsProfessional training resources | Volunteer opportunities | Work-life balanceSenior-level Full TimeBangalore, India R14d ago
-
Associate Director DevSecOps Engineering INR 938K-1173KAWS | Agile | Angular | Ansible | AntFlexible hybrid schedule | Health insurance | Life insurance | Paid time off | PensionMid-level Full TimeHyderabad, India R14d ago
-
Associate Director DevSecOps Engineering INR 700K-1000KAPI Design | API Gateways | API Management | AWS | AgileFlexible hybrid work model | Health and life insurance | Paid time off | Pension | Professional developmentMid-level Full TimeHyderabad, India R14d ago
-
Threat & Vulnerability Senior Associate INR 3384K-4000KAttack surface | Attack surface management | Continuous Monitoring | Cybersecurity | Data AnalysisFlexible hybrid work model | Health insurance | Life insurance | Paid time off | Pension/retirement benefitsSenior-level Full TimeHyderabad, India R15d ago
-
Security Automation Engineer INR 2475K-3500KAlert Correlation | Change Management | Cloud Security | Cloud apps | CrowdStrike FalconFlexible schedule | Permanently remote | Remote work supportSenior-level Full TimeBengaluru, Karnataka, India - Remote R15d ago
-
Cybersecurity Expert - RL USD 130K-200KAWS | Bash | Cloud platform | CrowdStrike | Cyber ThreatHigh autonomy | Hybrid work | In person Bangalore officeSenior-level Full TimeRemote R15d ago
-
Access Management | Active Directory | Amazon Web Services | Azure | Cloud SecurityCareer growth opportunities | Global workplace | Hybrid work model | Personal tech fund | Work-life balanceSenior-level Full TimeBengaluru, India R17d ago
-
Access Management | Active Directory | Amazon Web Services | Azure | Conditional AccessCareer growth opportunities | Global workplace | Hybrid work model | Personal tech fund | Work-life balanceSenior-level Full TimeBengaluru, India R17d ago
-
Contractor Intern INR 360K-400KAzure | Bash | Cross-Site Scripting | Cyber Kill Chain | Cyber SecurityHybrid work | Rotational 24 7 shiftEntry-level Contract Full Time InternshipRemote Pune-Baroda, India R20d ago