Manager- CSIRT, Incident Remediation
- Atos
- 3 - 8 years
- Mumbai
- 16 hours ago
- Email to a friend
- Report this job
Job Description
About Atos Group
Atos Group is a global leader in digital transformation with c. 67,000 employees and annual revenue of c. 10 billion, operating in 61 countries under two brands Atos for services and Eviden for products. European number one in cybersecurity, cloud and high performance computing, Atos Group is committed to a secure and decarbonized future and provides tailored AI-powered, end-to-end solutions for all industries. Atos Group is the brand under which Atos SE (Societas Europaea) operates. Atos SE is listed on Euronext Paris.
The purpose of Atos Group is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.
Cyber security incident response (DFIR) engagements covering incident handling and coordination, in-depth technical analysis, and investigation through to recovery.
Identify patterns and behaviours related to threat actors and propose improvements to detection and protection capabilities
Ability to communicate complex cyber-attacks to technical and non-technical audiences with recommended mitigating actions
Perform post incident lessons learned, root cause analysis and incident reporting
Conduct threat hunting across a large range of security solutions and products. Logs from SIEM, WAF, IPS/IDS, Network Anomaly, AV, EDR etc...
Lead and support Digital Forensics investigations and produce technical findings reports
Support team in driving continual improvements in incident response and threat detection
Required Technical and Professional Expertise Required skills and experience:
Security incident response, coordination, communications, mitigation, and remediation
Experienced and hardworking Cyber Security Professional, specializing in Security Incident Response & Security Operations with a minimum of 3 years experience within a SOC or CSIRT Function
Identification of threats through to resolution/mitigation, providing clear and significant communication
Document security incidents both for reporting and case study perspective
Conduct malware analysis to determine capabilities and aid the response of an incident
Digital Forensics experience across open source and commercial tools with knowledge of industry standard process and methodology
Good interpersonal and communication skills
Ability to provide technical mentorship to both technical and non-technical audiences
Endpoint and network-based analysis. (EDR, WAF, IDS/IPS, NGFW, Network Anomaly etc.) An in-depth knowledge of Windows and/or Linux/Unix & understanding of networking and common protocols.
Experience with Microsoft Azure Cloud Security products
Intelligence lead threat hunting and methodology
Ability to hunt for known and unknown threats
Any sector specific knowledge will also be helpful, an MSSP customer base covers many different sectors
Disassembly (low level programming language)/ reverse engineering experience will be helpful Desirable/Preferable skills and experience:
Excellent technical security knowledge of network architecture, IT infrastructure, applications, and systems including an understanding of cloud services such as MS Azure and AWS
Industry recognised certification relating to Cyber Security Incident Response (desirable)
Offensive Security Certified Professional or equivalent (desirable)
GIAC certification in GCFE, GCFA, GCIH or GCIA (desirable)
SANS Defensive and DFIR certifications (desirable)
Solid grasp of any of the following security frameworks; NIST, PCI DSS, ISO:27001 or The Critical Security Controls for Effective Cyber Defence
Functional knowledge of Incident Response and Cyber Security Operations along with Cyber Kill Chain, MITRE ***@**, NIST CSF, OSINT, TTPs, IOCs, APTs and how to best apply
Understanding of compliance requirements and how these relate to cyber security business practises and controls
Identify patterns and behaviours related to threat actors and propose improvements to detection and protection capabilities
Ability to communicate complex cyber-attacks to technical and non-technical audiences with recommended mitigating actions
Perform post incident lessons learned, root cause analysis and incident reporting
Conduct threat hunting across a large range of security solutions and products. Logs from SIEM, WAF, IPS/IDS, Network Anomaly, AV, EDR etc...
Lead and support Digital Forensics investigations and produce technical findings reports
Support team in driving continual improvements in incident response and threat detection
Required Technical and Professional Expertise Required skills and experience:
Security incident response, coordination, communications, mitigation, and remediation
Experienced and hardworking Cyber Security Professional, specializing in Security Incident Response & Security Operations with a minimum of 3 years experience within a SOC or CSIRT Function
Identification of threats through to resolution/mitigation, providing clear and significant communication
Document security incidents both for reporting and case study perspective
Conduct malware analysis to determine capabilities and aid the response of an incident
Digital Forensics experience across open source and commercial tools with knowledge of industry standard process and methodology
Good interpersonal and communication skills
Ability to provide technical mentorship to both technical and non-technical audiences
Endpoint and network-based analysis. (EDR, WAF, IDS/IPS, NGFW, Network Anomaly etc.) An in-depth knowledge of Windows and/or Linux/Unix & understanding of networking and common protocols.
Experience with Microsoft Azure Cloud Security products
Intelligence lead threat hunting and methodology
Ability to hunt for known and unknown threats
Any sector specific knowledge will also be helpful, an MSSP customer base covers many different sectors
Disassembly (low level programming language)/ reverse engineering experience will be helpful Desirable/Preferable skills and experience:
Excellent technical security knowledge of network architecture, IT infrastructure, applications, and systems including an understanding of cloud services such as MS Azure and AWS
Industry recognised certification relating to Cyber Security Incident Response (desirable)
Offensive Security Certified Professional or equivalent (desirable)
GIAC certification in GCFE, GCFA, GCIH or GCIA (desirable)
SANS Defensive and DFIR certifications (desirable)
Solid grasp of any of the following security frameworks; NIST, PCI DSS, ISO:27001 or The Critical Security Controls for Effective Cyber Defence
Functional knowledge of Incident Response and Cyber Security Operations along with Cyber Kill Chain, MITRE ***@**, NIST CSF, OSINT, TTPs, IOCs, APTs and how to best apply
Understanding of compliance requirements and how these relate to cyber security business practises and controls
Work Location: Bangalore and Mumbai
Here at Atos, diversity and inclusion are embedded in our DNA. Read more about our commitment to a fair work environment for all.
Job Classification
Industry: IT Services & ConsultingFunctional Area / Department: IT & Information SecurityRole Category: IT Infrastructure ServicesRole: Incident ManagementEmployement Type: Full timeContact Details:
Company: AtosLocation(s): Mumbai+ View Contact
Keyskills: Unix PCI DSS Linux Networking SOC ISO 27001 Windows Open source Security operations IPS
Fraud Alert to job seekers!
₹ Not Disclosed
Similar positions
Atos
Matoshree Gangubai Sambhaji Shinde hospital is Multi Super Speciality Hospital owned by Thane Municipal Corporation and Managed by Platinum Hospitals Pvt Ltd .
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in