|
Department:
Information & Cyber Security, Data Privacy
|
|
Role:
Manager – Cyber Defense Center
|
|
Reports to:
SAVP - Information & Cyber Security, Data Privacy
|
|
Primary Responsibility
|
1.
Managing CDC operations @ 24* 7
2.
Understanding of alerts (SIEM, EDR, DLP), handling escalations,
communications, notifications of higher priority incidents.
3.
Respond to Information, Cyber and privacy incidents in defined
SLA.
4.
Technically investigate and Communicate progress status to
senior management and other stakeholders.
5.
Coordinate with internal and external teams to get the required
information / support during the investigation.
6.
Manage CIRT calls with required stakeholders.
7.
Manage the communication with senior management, internal
business units, and external vendors / partners.
8.
Prepare detailed incident investigation report; liaise with
Legal, Business, HR and other team members to finalize the
report.
9.
Measure & report incident metrics, KRI/KPI, dashboard etc.
|
|
Primary Internal Interactions
|
1.
MSSP Personnel/ Third Party service providers
2.
Technology Management functions/ Business Application Owners
3.
Legal and Business Operations Team
4.
HR and Facility Management Team
5.
Information Security Personnel, SOC
|
|
Required Skills
|
Must Have
: Security Incident Investigation, Log Analysis, Log
Co-relation, Deep understanding of Incident Management Cycle,
Frameworks & Standards, Cloud Solutions & Security
(Basics)
Desirable
: Threat Analysis/Modeling/Hunting, Malware Analysis, Forensics
overview, Architecture review of SIEM, DLP, EDR, XDR
|
|
Qualification/Others
|
1.
Bachelor's degree in computer science, engineering or related
field.
2.
Good understanding of Information Security, Systems Security,
Operating Systems, Threat modeling
3.
Prior experience in Analyzing Security Alerts/ Incident, Threat
Intelligence or Security Monitoring
4.
Good understanding of digital forensics investigation (Imaging,
Indexing, data extraction, file carving …etc)
5.
Decent communication skill including English language (Oral and
written)
6.
One or more of the following/equivalent certifications: CEH,
CHFI, GCIH, CISM, Comp TIA
Open for, 24*7 working environment
|
|
Experience
|
5-6 years of relevant experience in Cyber Security , 1-2 yrs.
experience in Security Operations (Must), Security Technology
Management
Experience with SIEM, EDR or investigation tools like EnCase,
Oxygen, Falcon, Wireshark etc. would be added advantage
|
|
Other duties as assigned
|
|
Apply through whichever channel suits you best.