Cybersecurity Incident Response Consultant/Analyst

Remote - India
  Category: Analysts
  Position Type: Remote - Centizen Talent Hub

Job Description

We are seeking an Incident Response Analyst. He/she will be responsible for incident response, threat hunting, and data analysis to protect and maintain the overall security of the enterprise.

Soft Skills:

  • Ability to take the lead and work in a trustworthy working environment.
  • Partner with the required teams to deliver seamless outputs.
  • Curiosity to keep learning and to collaborate whenever needed.
  • Ability to independently manage projects and report/present efforts to clients.
  • Strong communication skills.

Responsibilities:

  • Monitor, identify, investigate, and resolve security incidents.
  • Perform assessments and security evaluations of systems, network and perimeter controls, log and event correlation, and system and network component baselining.
  • Support ongoing tracking and remediation of security issues, ensuring that tickets are closed and issues are addressed in a timely manner.
  • Ensure that changes and enhancements are carried out properly and on a timely basis within corporate security guidelines for change, configuration and patch management. Security oversight of a regimented change and release management methodology includes ensuring that security and patch updates follow the firm's change management procedures and a patch release schedule.
  • Manage multiple priorities effectively. Maintain clear and efficient communications with management and customers. Provide interactive discussion and guidance to peers. Discuss technical subject matter with other IT functions.
  • Work closely with development, network, and support teams in the implementation of infrastructure components supporting emerging technologies and applications.
  • Support activity and progress reports ensuring issues are properly escalated and resolved to maintain delivery schedule, project cost, and desired results.
  • Respond to issue escalations and service interruptions as a confident technical resource. Will support a technical leadership role in problem resolution and root cause analysis. Will be expected to provide actionable after-incident analysis to ensure root cause issues are logged and remediated.
  • Participate in additional projects, assignments or initiatives as required.
  • Assist with the creation of Incident Response run books for analysis and response to cybersecurity incidents.
  • Evaluate information security solutions and processes to provide recommendations supporting Dell security standards.
  • Utilize internal guidelines to properly fulfill client requests and resolve cybersecurity incidents received via e-mail or internal ticketing systems in a timely and detail-oriented manner.
  • Investigate and analyze data sets to identify trends and anomalies indicative of malicious activities.
  • Perform analysis of malicious artefacts to classify the type of attack and determine remediation.

Required skills:

  • Display a foundational understanding of Security Operations Center and/or Incident Response Team procedures.
  • Background in cybersecurity, ideally in incident handling (Incident Response Lifecycle).
  • Familiarity with a ticketing system.
  • Understanding of network defense principles, common attack vectors, incident response methodologies, log analysis, and attacker techniques.
  • Knowledge of access controls, including Active Directory, SQL, SharePoint and strong authentication capabilities.
  • Functional knowledge of core networking concepts including TCP/IP, DHCP, DNS, load balancing, VLAN segmentation, and network traffic capture and analysis (basic level). Strong knowledge of remote access and VPN systems, with an understanding of Zero Trust networking.
  • Expert knowledge of incident response guidance and tools such as NIST SP 800-61 or the SANS Incident Response Process.
  • Experience using MITRE ATT&CK, particularly in the context of incident response.
  • Experience with enterprise security products such as Endpoint Detection and Response (EDR), network intrusion detection/prevention systems (NIPS or NIDS), and Security Orchestration, Automation, and Response (SOAR) products.
  • Experience performing incident response services over cloud services (IaaS, PaaS, SaaS).
  • Experience with security services of major cloud providers.
  • Ability to support appliance- and cloud-based authorization and password vaulting systems, enterprise-level anti-malware systems and content filtering systems.
  • Knowledge of service and software update releases and processes including participation in the patch management program.
  • Experience with current best practices in IT standards, principles, and security practices.
