Job Description

Company Description

Robert Bosch Engineering and Business Solutions Private Limited is a 100% owned subsidiary of Robert Bosch GmbH,

one of the world's leading global supplier of technology and services, offering end-to-end Engineering, IT and Business Solutions.

With over 18,000 associates, it's the largest software development centre of Bosch, outside Germany, indicating that it is the

Technology Powerhouse of Bosch in India with a global footprint and presence in the US, Europe and the Asia Pacific region



Primary day-today job duties involve IR related activities, follow up of incidents until closure, shift rostering, shift/ team management.

• Responsible for cyber incident response actions to ensure proper assessment, containment, mitigation and documentation
• Support cyber investigations and contribution to large and small scale computer security breaches
• Review and analyze cyber threats and provide SME support and training to junior level security analysts.
• Liaise with forensics, SOC team, legal as and when required.
• Interact and assist other investigative teams on time sensitive, critical investigations
• Develop IR Playbooks, IR Plan with comprehensive strategy to cover MIM process based on NIST, ENISA framework.
• Participate as part of a close team of technical specialists on coordinated responses and subsequent remediation of security incidents
• Manage the security monitoring enrollment process to ensure adequate coverage and effectiveness of all new and existing cloud and premise based applications, services and platforms
• Act as a liaison between cyber-defense, engineering, security architecture, network & system operations, and functional project teams to ensure effective project implementation that meets incident response requirements
• Work with colleagues in other technology departments as well as the business and product offices to establish effective, productive business relationships

• Facilitate the development and tuning of SIEM rules to support enrollments and ensure high fidelity alerting
• Develop monthly shift rosters & manage shifts.
• Support SOC Manager and other stakeholders develop reports weekly / monthly.
• Support in identifying areas to fine tune use cases.
• Publish periodic incident response report covering all aspects of the incident response lifecycle.

Qualifications

• 8+ years of experience in security, network or cyber engineering operations.
• 5+ years of related experience in cybersecurity or computer network defense
• Strong hands-on experience in implementing MITRE framework & TTPs.
• Bachelor of Engineering or equivalent in computer science, information systems, or a related technical discipline or equivalent professional experience directly related to information security, cyber, or computer network defense
• Proven subject matter expertise in relevant areas, such as incident response, intrusion analysis, incident handling, malware analysis or security engineering
• Strong knowledge of malware families and network attack vectors
• Strong knowledge of Linux, Windows system internals
• Demonstrated experience in an enterprise-level incident response team or security operations center. Direct experience handling advanced cyber security incidents and associated incident response toolset
• Strong working knowledge of common security tools, such as a SIEM, AV, scanners, proxies, WAF, NetFlow, IDS or forensics tools
• Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied (including executive) audiences
• Relevant security related certifications a plus: CISSP, GCIA, GSEC, GCIH

Additional Information

Good oral and written communication

Very good analytical skills and listening skills

Should have an excellent attitude and should be a good team player