Cyber Defense Sr Specialist / Digital & Cloud Forensics Expert
- SAP Servers Tech
- 6 - 10 years
- Bengaluru
- 3 months ago
- Email to a friend
- Report this job
Job Description
- Conduct initial assessments and help drive root cause analysis.
- Contribute to the development of attack remediation and response strategies.
- Coordinate escalation handling and communication across teams.
- Triage operational security processes, including phishing response.
- Assist in maintaining and improving incident handling documentation such as playbooks, runbooks, and standard operating procedures.
- Collaborate with Detection and SIEM teams to enhance detection logic and alert accuracy.
- Support forensic investigations with technical insights and evidence collection.
- Analysing cloud logs and telemetry for signs of compromise (e.g., CloudTrail, VPC Flow Logs, Azure Activity Logs).
- Leverage your offensive knowledge to identify gaps, simulate attacks, and drive improvements in detection, response, and hardening strategies.
- We value hands-on practitioners our environment includes sandboxing, red vs. blue testing, or adversary emulation frameworks (e.g., MITRE ATT&CK, CALDERA, Atomic Red Team) and opportunities to build tooling or simulate attack chains.
What you bring
- We are seeking analytical and detail-oriented critical thinkers who are solution-focused and thrive in dynamic environments.
- The ideal candidate should be a fast learner with the ability to adapt quickly and respond effectively to changing circumstances.
- Preferred Technical Skills and Experience:
- Experience of 8 14+ years in a cyber incident investigation role or equivalent combination of education, certifications, and relevant training.
- Certifications - Industry-recognized certifications such as Security+, GCIA, GCIH, GCFA, GCFE, GREM, CISSP (or equivalent).
- Strong understanding of Advanced Persistent Threat (APT) actors, their tools, techniques, and procedures (TTPs), as we'll as threat modelling frameworks.
- Proficiency in TCP/IP communications and knowledge of core network protocols and applications such as DNS, HTTP, and SMB.
- Security Infrastructure Tools: (SIEM, IDS, EDR, DNS, other Deception technologies)
- Proficiency in scripting languages such as PowerShell, Python, or Bash.
Core Forensic Competencies:
- Expertise in memory, disk, and file system forensics across multiple OS platforms (Windows, Linux, macOS).
- Experience performing volatile memory acquisition and analysis (e.g., using Volatility, Plaso, Sleuth Kit, Velociraptor, KAPE).
- Proficient in analysing logs, timelines, and system artifacts to reconstruct attacker activity.
- Proficiency in forensic toolsets such as EnCase, FTK, X-Ways, Autopsy/other.
- Knowledge of file carving, metadata analysis, and data recovery.
Cloud Forensics & Logging:
- Experience analysing cloud logs (e.g., CloudTrail, Azure Activity Logs, GCP Audit Logs).
- Familiarity with cloud storage and compute forensics (e.g., EC2, Lambda, S3, Blob Storage).
- Ability to investigate container and orchestration layers (e.g., Docker, Kubernetes, EKS/AKS/GKE)
Where you belong
- An SAP Global Cyber Senior Incident Response and Recovery Investigator plays a critical role in safeguarding SAP s digital enterprise
- As a front-line defender, the Investigator is responsible for triaging security events identified by monitoring tools, analysing data to assess severity and urgency, and conducting initial evaluations to determine whether a cyberattack is underway
- When a potential incident is identified, the Investigator works closely with Global Security Operations to scope the impact, coordinate containment efforts, and support forensic investigations to uncover the nature and details of the attack
Job Classification
Industry: IT Services & ConsultingFunctional Area / Department: IT & Information SecurityRole Category: IT & Information Security - OtherRole: IT & Information Security - OtherEmployement Type: Full timeContact Details:
Company: SAPLocation(s): Bengaluru+ View Contact
Keyskills: SAP Linux Analytical Cloud Forensic investigations Windows Information technology Operations Analytics Auditing
Fraud Alert to job seekers!
₹ Not Disclosed
Similar positions
SAP Servers Tech
SAP Servers Tech help our clients achieve their business goals and objectives by guiding them through all the options for SAP Server Access systems available. SAP Servers tech is providing supports to multiple domestic clients.
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in