Job Description
Job Description
Role:
Manager – Cyber Defense Center
Department:
Information & Cyber Security, Data Privacy
Reports to:
AVP - Information & Cyber Security, Data Privacy
Primary Responsibility
- Managing CDC operations @ 24*7
-
Understanding of alerts (SIEM, EDR, DLP), handling escalations,
communications, notifications of higher priority incidents.
-
Respond to Information, Cyber and privacy incidents in defined SLA.
-
Technically investigate and communicate progress status to senior
management and other stakeholders.
-
Coordinate with internal and external teams to get the required
information/support during the investigation.
- Manage CIRT calls with required stakeholders.
-
Manage the communication with senior management, internal business
units, and external vendors/partners.
-
Prepare detailed incident investigation report; liaise with Legal,
Business, HR and other team members to finalize the report.
- Measure & report incident metrics, KRI/KPI, dashboard etc.
Primary Internal Interactions
- MSSP Personnel/Third Party service providers
- Technology Management functions/ Business Application Owners
- Legal and Business Operations Team
- HR and Facility Management Team
- Information Security Personnel, SOC
Required Skills
Must Have:
-
Security Incident Investigation, Log Analysis, Log Correlation, Deep
understanding of Incident Management Cycle, Frameworks & Standards,
Cloud Solutions & Security (Basics)
Desirable:
-
Threat Analysis/Modeling/Hunting, Malware Analysis, Forensics
overview, Architecture review of SIEM, DLP, EDR, XDR
Qualification / Others
-
Bachelor's degree in computer science, engineering or related field.
-
Good understanding of Information Security, Systems Security,
Operating Systems, Threat modeling.
-
Prior experience in Analyzing Security Alerts/Incident, Threat
Intelligence or Security Monitoring.
-
Good understanding of digital forensics investigation (Imaging,
Indexing, data extraction, file carving …etc).
-
Decent communication skill including English language (Oral and
written).
-
One or more of the following/equivalent certifications: CEH, CHFI,
GCIH, CISM, Comp TIA.
Experience
Open for 24*7 working environment
5 - 6 years of relevant experience in Cyber Security, 1 - 2 yrs.
experience in Security Operations (Must), Security Technology Management
Experience with SIEM, EDR or investigation tools like EnCase, Oxygen,
Falcon, Wireshark etc. would be added advantage.
Other duties as assigned