Security Incident Response(mitre+ir+sentile)

Security Incident Response Mandatory SKILL- Mitre IR Sentinel JD- for Incident Response As a Security Incident Response SME you will play a critical role in protecting client s assets and ensuring the security of client systems and data You will be responsible for promptly identifying assessing and responding to security incidents to minimize their impact on our operations This position requires a proactive mindset strong analytical skills and the ability to work effectively under pressure Responsibilities Leading and managing the Incident Response team L2 L3 Primarily responsible for directing security event monitoring management and response and cyber intelligence Investigate and analyse security incidents to determine their cause scope and impact Document incident response activities including findings actions taken and lessons learned Stay informed about the latest security threats vulnerabilities and industry best practices Participate in security incident response exercises and simulations to test the effectiveness of response plans Provide guidance and support to other team members on security incident response procedures and techniques Collaborate with internal teams to identify and address security gaps and weaknesses in our systems and processes Pinpointing the methods that attackers would use to gain access to the client s systems and underlying data identifying exploits and weaknesses within the organizations defences Uncovering inadequate security practices password policies and other human errors using social engineering techniques Recommending processes and procedures to mitigate against human error in future Ensuring that file directory and login permissions are restricted to those that need access to them and no one else Collate all findings together into a formal document with the report highlighting all issues uncovered together with recommended remedial actions that should be taken by the client Recommending a process of penetration and vulnerability testing that the organization Ability to work independently prioritize existing projects tasks and proactively determine areas requiring additional attention monitoring or maintenance Ability to understand the laws rules regulations policies procedures standards and guidelines governing all SOC IR Having experience on creating and updating various PowerShell script for active directory and Azure AD and O365 Should be able to verify the client s remedial actions providing feedback and verifying their fixes to any highlighted security issues Often a final Penetration Test will be necessary to confirm success Research and maintain proficiency in computer network exploitation tools techniques countermeasures and trends in computer network vulnerabilities data hiding network security and encryption Providing guidance coaching and development opportunities in a collaborative and high-performing team environment Key Skills Analytical thinker willing to think outside the box to resolve customer impacting situations on first contact understand customer risk profile Extensive background of various operating systems Window Unix Linux network firewalls IPS WAF Web proxy VPN mail gateway cloud Azure AWS and security engineering concepts Knowledge of scripting languages Microsoft Sentinel and SNOW will be advantageous Knowledge on leading security framework such as ISO 27001 CE Mitre Telecommunication ck NIST-CSF Strong communication and interpersonal skills with the ability to work effectively with cross-functional teams Relevant certifications such as Certified Incident Handler GCIH Certified Information Systems Security Professional CISSP or equivalent certifications are preferred