- Proactively respond to security alerts using intelligence-driven investigative analysis.
- Serve as the initial point of contact for alert analysis and information gathering related to potential incidents or vulnerabilities.
- Conduct in-depth tier three analysis, encompassing host forensics, network forensics, log analysis, and malware analysis to ascertain the extent and implications of security incidents.
- Develop and maintain comprehensive incident response playbooks and relevant documentation.
- Collaborate closely with the security Team and CTI (Cyber Threat Intelligence) team to fortify defensive posture by enhancing existing defense controls and introducing new security measures.
- Engage with and oversee third-party suppliers to ensure the effectiveness of security solutions.
- Participate in the on-call rotation and be available beyond standard business hours when necessary.
- Possess 3-5 years of experience in incident response, security operations, SOC (Security Operations Center), or a related field.
- Proficiency in deploying, maintaining, or utilizing various security solutions, including SIEM (Security Information and Event Management), DLP (Data Loss Prevention), IDS/IPS (Intrusion Detection System/Intrusion Prevention System), EDR (Endpoint Detection and Response), Firewalls, Web proxies, and Email Gateways.
- Strong understanding of regulatory requirements and industry standards.
- Excellent communication and interpersonal skills, with the ability to convey complex technical concepts to non-technical stakeholders.
- Proven experience in managing third-party vendors.
- Familiarity with the MITRE ATT&CK framework.
- Experience in incident response within a cloud-based environment.
- Demonstrated capability to work both independently and collaboratively within an organization.
- Proficiency in working within both Windows and Linux environments.
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Professional security certifications, such as GCIH, GIAC, CISSP, are highly preferred.