Cyber Security Forensics SME

Job Title: Cyber Security Forensics SME
Location: UniOps Bangalore
About Unilever
Be part of the world's most successful, purpose-led business. Work with brands that are well-loved around the world, that improve the lives of our consumers and the communities around us. We promote innovation, big and small, to make our business win and grow; and we believe in business as a force for good. Unleash your curiosity, challenge ideas and disrupt processes; use your energy to make this happen. Our brilliant business leaders and colleagues provide mentorship and inspiration, so you can be at your best. Every day, nine out of ten Indian households use our products to feel good, look good and get more out of life – giving us a unique opportunity to build a brighter future.

Every individual here can bring their purpose to life through their work. Join us and you'll be surrounded by inspiring leaders and supportive peers. Among them, you'll channel your purpose, bring fresh ideas to the table, and simply be you. As you work to make a real impact on the business and the world, we'll work to help you become a better you.

About Uniops
Unilever Operations (UniOps) is the global technology and operations engine of Unilever offering business services, technology, and enterprise solutions. UniOps serves over 190 locations and through a network of specialized service lines and partners delivers insights and innovations, user experiences and end-to-end seamless delivery making Unilever Purpose Led and Future Fit.

Responsibilities

• The person in this role is expected to generate leads for the Incident Response team (based on forensic evidence) for timely containment and response actions. It is expected that the person leads all in-house investigations and also coordinates with external investigators/specialists in major incidents.
• Conducts forensics analysis of cyber security incidents to deduce RCA and understand the relevant threat (for example malware behaviour and TTP through static and dynamic analysis) and potential impact.
• Utilizes latest and advanced knowledge of SOC Technologies and Forensic technologies (such as Memory Forensics, Network Forensics, Filesystem Forensics, Malware analysis and Reverse Engineering, Device Forensics - HDD/SSD/Smart Phone) across various platforms (end-points, servers, AWS/Azure/GCP cloud) and Operating Systems (Windows, Linux, UNIX, Mac, AIX, etc.) for supporting Forensics investigations.
• Participates in scoping discussions with stakeholders for forensics capability projects and investigations to understand the requirement, identifies and communicates feasibility and approach, undertake and follow-up actions till timely delivery and successful conclusion.
• Ensures that all investigations are appropriately conducted and documented as per cardinal forensic principles and evidence handling (collection, analysis, sharing and preservation) is compliant to the process.
• Effectively and timely triage and respond to incident investigation.

Key Requirements
MANDATORY

• Strong ethics, communication and team skills
• Hands-on experience with Enterprise SIEM (like Splunk, QRadar, Sentinel, etc) and EDR tools (like Microsoft Defender, CrowdStrike Falcon, etc)
• Hands-on experience with Enterprise Forensics tools (like EnCase, FTK, AXIOM, etc)
• Hands-on experience in memory forensics, network forensics and malware analysis
• Minimum 10 years of enterprise experience in a global SOC (Security Operations Centre) / DFIR (Digital Forensics or Incident Response) domain.
• Working knowledge of at least one of the scripting tools: Python/ Perl/ PowerShell
• EnCase Certified Examiner (EnCE)
• GIAC Certification GCFE/ GCFA/ GREM/ GNFA

At HUL, we believe that every individual irrespective of their race, colour, religion, gender, sexual orientation, gender identity or expression, age, nationality, caste, disability or marital status can bring their purpose to life. So apply to us, to unleash your curiosity, challenge ideas and disrupt processes; use your energy to make the world a better place. As you work to make a real impact on the business and the world, we'll work to help you become a better you

Note:
"All official offers from Unilever are issued only via our Applicant Tracking System (ATS). Offers from individuals or unofficial sources may be fraudulent—please verify before proceeding."