Job Description

what you will do work on a diverse domain of information security across the organisation, most important infrastructure and data security responsible identifying security issues (external as well as internal), help stakeholders to mitigate and at frequent occasions build a solution around some of the complex problem statements implement/maintain security for cloud-based systems/applications formulate new detection ideas based on newly-published research, industry trends, or major incidents. respond to security incidents and think of how to prevent such incidents develop and enhance the CRED\'s detection, monitoring and response capabilities automate various security incident responses using playbook build in-house security analytics solutions using open source tools (log parsing, event correlation and threat detection) research/conduct threat hunting operations using known adversary tactics, techniques and procedures to detect advanced threats build in-house security frameworks to establish a state of art security culture inside tech be responsible to track security incident responses across the organisation assist with creating security awareness and maintaining prudent security engineering culture within an organisation enable compliance in teams and help them achieve some of the industry\'s best practices (e.g. PCI DSS, ISO 27001) you should apply if you have: 2-6 years of experience in information security proficiency in one of the programming languages (python, golang, bash) the ability to be a go-to person and communicate effectively with stakeholders (engineers, product, business teams) an understanding of MITRE ATT&CK, Cyber Kill Chain, Diamond Model knowledge in operating centralised log analysis tools - ELK, Splunk, etc experience with deploying custom-built and scalable security solutions & enterprise or open-source security tools - SIEM, IDS/IPS, EDR, FIM, PAM experience with handling incident response life-cycle (detection, identification, containment, analysis, remediation and reporting) the ability to read packet capture or memory dumps and create regex on the fly. a GitHub profile, blog or a conference presentation the ability to influence organisations and stakeholders by practising a data-driven approach ability to be proactive in keeping yourself updated with security news/issues/breaches/tools/blogs on the internet the zeal to explore diverse domains of information security and have a fast learning curve the ability to distill complex security threats and risks into simple terms for non-security (and even non-technical) stakeholders.

foundit