- Perform Cyber Investigations for various security incidents
- Guide the team on various cyber investigations on a daily basis
- Team management experience is a must
- Participate in Security Incident calls with various stakeholders
- Should have a cyber-law background and experience along with cyber security investigations experience
- Must have a good understanding of and hands-on experience in Data Loss Prevention (DLP) security incident investigation.
- Experience with and exposure to DLP solutions such as endpoint DLP, email DLP and CASB cloud DLP solutions for identifying the right incidents and investigations.
- Good understanding of IT Infrastructure and Application security
- Good understanding of cloud security, specifically AWS, Azure and Google Cloud
- Investigative mindset along with an objective approach to addressing the broad spectrum of prevalent security-related concerns.
- The role will primarily consist of conducting incident response investigations on behalf of a wide variety of stakeholders.
- The individual must have a wide breadth of knowledge across multiple IT and information security technologies.
- The individual must be able to lead information security investigations affecting Wipro's enterprise-wide computing environments and networks.
- Excellent verbal and written communication skills are a must, since the primary output of incident response investigations includes well-written reports and executive presentations.
- The individual must be self-motivated and have the ability to recommend both tactical and strategic enterprise solutions to complex problems.
- The individual must be able to maneuver within the complexities associated with large Fortune 100 companies, such as changing policies and procedures.
- Attention to detail and investigative thoroughness are a must
Duties:
- Plan, organize and devise the approaches necessary to respond to incidents and obtain useful forensic information from the evidence submitted, taking into consideration the requirements of agency regulations, applicable laws and company policies as they apply.
- Lead a team of DLP L2 analysts who will be responsible for Data Leakage Prevention investigations
- Lead a virtual team of Incident Response participants during times of active incidents
- Conduct incident and investigation post-mortem briefings, analysis and reporting as required.
- Apply broad security industry, technology, business, and professional knowledge to contribute to policymaking and process design.
- Research and stay current on the latest trends, best practices and technology developments.
Requirements:
- Candidates are expected to have previous experience working in a large enterprise that employs a wide range of security management tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, etc.
- 15+ years of demonstrated experience in Incident Response and cyber investigations
- Experience leading a team of cyber investigations senior and junior team members
- Lead a team of Data Security L2 analysts who will be responsible for Data Leakage Prevention investigations
- Strong organizational, multi-tasking, and time-management skills
- Strong negotiation, influencing, mediation and conflict-management skills
- Expert understanding of operating systems (Windows, Linux, iOS/Android)
- Expert understanding of network architecture and security infrastructure placement
- The candidate must also be available 24/7 in case there is a need to conduct an investigation off-hours.
- Travel is kept to a minimum, but since this is an enterprise position some travel is required; the position is currently work from home.
- Exceptional ability to remain calm under stress
Preferred Qualifications:
- Undergraduate Degree
- 15+ years of demonstrated security experience
- Education/Certifications: CERT-CSIH, GCIH, CISSP, CISM, CISA, CIIP, CEH, Cyber Law, Legal degree or certification
- Exposure to security standards such as the NIST Cybersecurity Framework, NIST SP 800-53, COBIT and ISO 27001
- Understanding of threat modelling concepts such as threat indicators, threat actors and attack vectors is a plus
- A good understanding of and exposure to Data Leakage Prevention (DLP) solutions for endpoint, CASB and email is a must.
- Good understanding of the Cyber Kill Chain process, various cyber attack vectors and indicators of compromise, and the MITRE ATT&CK framework.