Incident Responder to assist our 24/7 Incident Management Team.
Good grasp of basic security principles like confidentiality, authentication, access control and privacy, security vulnerabilities, physical security issues, protocol design flaws, malicious code, implementation flaws, configuration weaknesses, user errors, user indifference.
Work well under pressure handling multiple tasks.
Having 2+ Years of experience in Incident response and Threat intelligence
Monitor security alerts and notifications from various sources, including security information and event management (SIEM) systems, intrusion detection systems (IDS), and endpoint protection solutions.
Perform real-time analysis of security alerts and determine the severity and impact of potential security incidents.
Lead and coordinate the response to security incidents, including identification, containment, eradication, and recovery.
Conduct root cause analysis to determine the origin and impact of incidents and develop recommendations to prevent future occurrences.
Document and report incidents, including the creation of detailed incident reports and timelines.
Having good knowledge in Investigation Technologies such as EDR, XDR, Email Security, VA, Sandboxing, Threat Intelligence, Deception, DFIR and SOAR.
Experience with SIEM, IDS/IPS, endpoint protection, and forensic tools.
Participate in the continuous improvement of incident response playbooks and standard operating procedures (SOPs).
Perform digital forensics investigations on compromised systems to collect and analyze evidence.
Stay updated on the latest cyber threats, vulnerabilities, and attack vectors.
Analyze and interpret threat intelligence to identify potential risks and improve incident detection and response capabilities.
Collaborate with threat intelligence teams and external partners to share information and enhance situational awareness.
Good Communication Skills