Cyber Security Specialist - Incident Response

Job Description:

Security Specialist, Incident Response Responsibilities includes

• Lead security incident response in a cross-functional environment and drive incident resolution.

• Lead and develop Incident Response initiatives that improve capabilities to effectively respond and remediate security incidents.

• Perform digital forensic investigations and analysis of a wide variety of assets including endpoints.

• Perform log analysis from a variety of sources to identify potential threats.

• Build automation for response and remediation of malicious activity.

• Write complex search queries in the EDR as well as SIEM tools for hunting the adversaries.

• Works on SOAR cases, automation, workflow & Playbooks.

• Integrating and working on Identity solutions.

• Developing SIEM use cases for new detections specifically on identity use cases.

Minimum Qualifications:

• 5-10 years of experience in Security Incident Response, Investigations

• Working experience in Microsoft On-prem and Entra ID solutions

• Good knowledge in Active Directories and Tier 0 concepts

• Very good knowledge of operating systems, processes, registries, file systems, and memory structures and experience in host and memory forensics (including live response) on Windows, macOS and Linux.

• Experience investigating and responding to both external and insider threats.

• Experience with attacker tactics, techniques, and procedures (MITRE ATT&CK)

• Experience analyzing network and host-based security events