Senior Incident Responder
Accepting applications
SecurityHQ · Pune Division, Maharashtra, India
Full-Time · Mid-senior · SOC
Estimated market salary
₹25-46 LPA
This is a SiliconBoard market estimate, not an employer-posted salary.
Posted
12 Jun
Category
Design
Experience
Mid-senior
Country
India
Job Description
The primary function of a Senior Incident Responder is to ensure that the SOC team is performing its functions as required and to troubleshoot problematic incidents and events. In addition, the Senior Incident Responder shall act as the technical SME and shall report technically to the L3 Analyst.
Responsibilities
Work collaboratively with Account Manager for Client relations
Track incident detection and closure
Execute risk hunting activities
Undertake forensic investigations
Act as subject matter expert and expert witness where required
Generate intelligence advisories and delegate intelligence aggregation tasks
Suggest new use cases for emerging threats
Conduct incident response coordination with customer
Validate security incidents
Conduct audits of logging and correlation
Use sandbox, honeypot, analytics tools and security testing
Ensure process compliance
Ensure quality of investigations and notification and direct L1 accordingly
Report deviations to SOC manager and L3
Ensure SLA compliance for projects within remit
Perform deep analysis of security incidents to identify the full kill chain
Respond to clients’ requests, concerns and suggestions
Provide knowledge to L1 such as guides, cheat sheets, etc.
Follow up with the client on recommendations to contain an incident or mitigate a threat
Conduct presentations and updates to the client
Respond to incident escalations and provide solid recommendations
Update aging incidents and requests
Track SOC performance in terms of SLAs and incident quality
Review vulnerability assessment reports with the client and provide necessary recommendations
Conduct threat hunting exercises on SIEM and EDR platforms
Develop and improve processes for monitoring and incident qualification
Perform quarterly evaluation for L1 analysts and report feedback to the management
About SecurityHQ
SecurityHQ is a global cybersecurity company. Our specialist teams design, engineer and manage solutions that do three things: Promote clarity and trust in a complex world. Build momentum around improving security posture. And increase the value of cybersecurity investment within organizations. Free from limitations, and inclusive of all requirements, we focus on defending today, while mitigating the risks of tomorrow. And into the future. Our solutions are tailored to our customers and their unique context. Around the clock, 365 days per year, our customers are never alone.
SecurityHQ – We’re focused on engineering cybersecurity, by design.
Job Reference Number
IN003
Essential Skills
Experience with Security Information and Event Management (SIEM) tools, creating advanced correlation rules, administration of SIEM and system hardening.
Should have expertise on TCP/IP network traffic and event log analysis.
Knowledge and hands-on experience with LogRhythm, QRadar, ArcSight, MS Sentinel or any SIEM tool
Knowledge of ITIL disciplines such as Incident, Problem and Change Management
Additional Desired Skills
Strong verbal and written English communication
Strong interpersonal and presentation skills
Ability to work with minimal levels of supervision
Willingness to work in a job that involves 24/7 operations
Education Requirements & Experience
Bachelor's in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent university degree
Minimum of 3-4 years of experience in the IT security industry, preferably working in a SOC environment
Certifications: GCIH, CCNA, CCSP, CEH