
Incident Response
- Rajasthan
- Permanent
- Full-time
- The IR Lead is responsible for designing and implementing strategies to contain and eradicate threats.
- Respond to intrusion attempts, identifying the full scope of impact and the attack vector.
- Lead response and investigation efforts into advanced/targeted attacks.
- Experience with investigative technologies such as SIEM, packet capture analysis, host forensics and memory analysis tools.
- Work with various internal teams to identify gaps in and expand coverage of endpoint, logging and network tooling to improve monitoring and response capabilities.
- Assist in the design, evaluation and implementation of new security technologies.
- Monitor external data sources like cyber defence vendor sites, Computer Emergency Response Teams, and Security Focus to maintain the currency of cyber defence threat conditions and determine which security issues may have an impact on the enterprise. Perform cyber defence trend analysis and reporting.
- Preserve evidence integrity according to standard operating procedures. This is crucial in the incident response process as it supports knowledge-sharing and documentation.
- Coordinate and provide expert technical support to enterprise-wide cyber defence technicians to resolve cyber defence incidents. Coordinate incident response functions.
- Write and publish cyber defence techniques, guidance, and reports on incident findings to appropriate stakeholders.