Manager - Cyber Defence/Cyber Security/Information Security - Manufacturing Firm

Manager Cyber Defence/Cybersecurity/Information Security

Experience: 8 to 12 Years

CTC: Upto 40 LPA

Location: Mumbai

Requisite Qualification :

- Graduate/PG in any discipline (Preferably in IT / Computer Science)

- Relevant industry certifications such as SANS GIAC / GCIA / GCIH / CISSP / OSCP, CEH, and or SIEM-specific training and certification will be an added advantage.

- Preferred: SIEM-specific training and certification will be an added advantage.

Experience :

- Overall 8 -10 years in Cybersecurity domains, relevant experience in incident response and investigations 5-6 Years.

- Must have 2-3 years of SOC experience.

- Knowledge of the SOC infrastructure and logging mechanisms of various technologies used in an organization.

- Good knowledge and understanding of SIEM technologies.

- Very good understanding of the cycle of cyber threats, attacks, attack vectors, and various methods of exploitation.

- A preferred Candidate who is handling a Cyber defence portfolio will be preferred.

Responsibilities :

- Develop and sustain incident response strategy covering the complete organization from policy, procedure, and playbooks perspective.

- Be a point of contact in case of an incident and manage incidents from detection to closure, post-incident analysis and further communication to all relevant stakeholders to prevent any further damage.

- Planning and executing threat hunting will be the primary focus of this role along with in-depth investigation and support to incidents escalated from SOC.

- Leading the technical and incident responders into cybersecurity and taking responsibility for the timely identification of threats and minimizing the same.

- Ensuring the completion of post-incident reviews, assessing the effectiveness of controls, detection and response capability, and supporting the required improvement in people, process and technology.

- Experience in conducting cyber incident drills.

- Collaborated with internal and external stakeholders (as applicable) for incident response and investigation

- Deep understanding of the technologies such as Next gen AV, EDR, and Vulnerability Management, HIPS, NIDS, Web proxy, DNS, DHCP, AD, Databases, Full packet capture, host-based & network-based forensics and encryption.

- Technical know-how on the organization's network, application, Data, systems and infrastructure.

- Be the Subject Matter Expert (SME) on incident response processes, tools and approaches to the wider team and other stakeholders.

- Must be able to conduct a detailed analysis of various security-related events like Phishing, Malware, DoS/ DDoS, Application specific attacks, Ransomware etc.

- Creation of reports, dashboards, metrics related to the security incidents and presentation to Senior Management.

- Experience working in large scale complex environment

- Think about cyberattacks and propose remedial steps based on the attack pattern.

- Broad level of knowledge of security technologies.

- Excellent knowledge of methodologies, processes and tools associated with supporting this function effectively.