Principal , Threat Engineer - Chennai - Ingram
- Ingram Micro
- 3 - 8 years
- Chennai
- 4 years ago
- Email to a friend
- Report this job
Job Description
Key Responsibilities
- Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques.
- Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTP (Tactics, Techniques, and Procedures).
- Investigate incidents leveraging forensics tools including Encase, FTK, X-Ways, Axiom, SIFT, and Splunk to determine source of compromises and malicious activity that occurred.
- Collect, analyze, assess, and disseminate information about cyber threats and potential attacks.
- Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools.
- Lead the Security Incident Response Team (SIRT) in responding to active and time-sensitive threats including communications and coordination across different teams.
- Work closely with other members of the Information Security team to lead changes in the company's defense posture.
- Maintaining proper chain of custody of evidence and associated documentation
- Testifying in court, Grand Jury, or other legal proceedings through testimony, sworn affidavits, or other legal instruments.
Skills Experience
- 3+ years of strong hands-on experience in digital forensics examinations and/or investigations using the EnCase tool.
- 3+ years of experience in law enforcement (deputized) investigations (fraud, counterintelligence, high-tech crimes, etc.).
- 3+ years of experience in interviewing after taking a Reid Technique class (or an equivalent)
- Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security.
- Experience with cloud services.
- Strong understanding of vulnerabilities, common attack vectors and has attacker mindset: ability to think about creative threats and attack vectors.
- Strong communication (i.e., written and verbal), presentation, teamwork skills and resourcefulness.
- Deep understanding of internals and constructs of modern operating systems.
- Experienced with EnCase, FTK, X-Ways, Axiom, SIFT, Splunk, Elastic Stack, Redline, Volatility, WireShark, TCPDump, and open source forensic tools.
- Proficiency with at least one interpreted programming language (Python, Ruby, etc.).
- Relevant security certifications (EnCE, OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA).
Job Classification
Industry: IT-Software, Software ServicesFunctional Area: IT Software - Network Administration, Security,
Role Category: Admin/Maintenance/Security/Datawarehousing
Role: Admin/Maintenance/Security/Datawarehousing
Employement Type: Full time
Education
Under Graduation: Any Graduate in Any SpecializationPost Graduation: Post Graduation Not Required
Doctorate: Doctorate Not Required, Any Doctorate in Any Specialization
Contact Details:
Company: Ingram MicroLocation(s): Chennai
+ View Contact
Keyskills: Information security Network security splunk Application security Forensic Open source Cryptography Ruby Python WireShark
Fraud Alert to job seekers!
₹ Not Disclosed
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in
