JobNob

Your Career. Our Passion.

Cyber Security Specialist


Lumen Technologies


Location

Bangalore | India


Job description

About LUMEN

Lumen is guided by our belief that humanity is at its best when technology advances the way we live and work. With 450,000 route fiber miles serving customers in more than 60 countries, we deliver the fastest, most secure global platform for applications and data to help businesses, government and communities deliver amazing experiences. Learn more about Lumen’s network, edge cloud, security and communication and collaboration solutions and our purpose to further human progress through technology at news.lumen.com, LinkedIn: /lumentechnologies, Twitter: @lumentechco, Facebook: /lumentechnologies, Instagram: @lumentechnologies and YouTube: /lumentechnologies.

Job Location: Bangalore
Experience: 5-8 Years
Notice Period: Immediate to 30 days joiner
Mandatory Skills: MITRE, Cyber Kill Chain, Diamond model of intrusion analysis, host and network security hardening and requirements; networking protocols; common intrusion techniques; and common risk management concepts
Security +, C|EH, OSCP, GCIH, CISSP, GPEN, GWAPT, GISEC, CISM or CISA

The Role

Cybersecurity Incident Response Team (CIRT) Engineers are expected to respond to and mitigate/remediate cybersecurity alerts from company assets. CIRT Engineers research and recommend preventative measures in conjunction with managing reactive alerts. In addition, CIRT Engineers are responsible for evaluating current capabilities and predicting future needs, then working with internal stakeholders, vendors, and peers to anticipate, define, and pursue these capabilities. CIRT Engineers should have in-depth knowledge of the IR process and steps, along with escalation procedures. Knowledge of forensic analysis and chain of command / order of volatility when collecting evidence is a bonus. IR engineers should have knowledge of DLP and FIM products. Any experience in malware analysis is welcome but not a must.

The Main Responsibilities

- Respond to, remediate, and document information security incidents not limited to dashboard (Advanced Threat Appliance & SIEM) alerts, tickets, emails, or phone calls.
- Actively hunt the enterprise for insecure, suspicious, or malicious activity.
- Review data that is processed within the SIEM to find incident evidence and suspicious events as well as out of scope events.
- Verify and validate security notifications from both internal and external sources.
- Identify and resolve incidents that are not defined by (or deviate from) an existing incident response guide.
- Assist with significant incidents as needed or assigned.
- Provide feedback for development and consistency of automated threat detection mechanisms.
- Update and maintain response guides for accuracy.
- Support security projects to improve the Cyber Defense Team's or the Company's security posture.
- Demonstrate effective communication skills, both verbal and written.
- Knowledge of forensic tools such as EnCase and FTK would be good to have.
- Hands-on knowledge of threat hunting frameworks such as MITRE, Cyber Kill Chain, Diamond model of intrusion analysis is a plus.
- Recommending process improvements and new tools / techniques for IR would be a plus.
- Research the latest TTPs used by attackers and keep up to date on the latest happenings in cyber space.

What We Look for in a Candidate

Minimum Qualifications:

- Undergraduate degree in computer science, engineering, or related field, or equivalent experience.
- Solid understanding of information security fundamentals, host and network security hardening and requirements; networking protocols; common intrusion techniques; and common risk management concepts.
- Analytical and problem-solving skills related to networking, operating systems, and malware analysis.
- Candidate must possess, or be willing to pursue, applicable professional/technical certifications, such as Security +, C|EH, OSCP, GCIH, CISSP, GPEN, GWAPT, GISEC, CISM or CISA.
- Strong oral and written communication skills and comfort with presenting technical issues to all levels of management, as well as non-technical staff.
- Broad technical knowledge of current and emerging technologies.
- Ability to work with management to gain necessary support and present reports / findings in a professional manner.
- Training juniors and writing blogs / articles / whitepapers on things happening around IR / forensic analysis would be of great added value.
- Should be able to run IR drills on short notice.

Preferred Qualifications:

- Preferred total years of IT experience: 5-8 years.
- Experience in incident response, computer forensics security, risk assessments, application security or network security.
- Experience in network and/or firewall engineering, administration, design and implementation including experience in applying methodologies and principles for all levels of security.
- Understanding of the following tools: SIEM, IDS / IPS, host based anti-virus, or similar products.
- Experience in network monitoring tools to monitor attacks/threats and doing the initial triage of findings.
- Microsoft or UNIX (including Linux or other UNIX derivatives) operating system administration/support experience.
- Experience with technologies, tools, and process controls to minimize risk and data exposure.
- Development experience in scripting languages such as Python or Perl.
- Experience in large enterprise or carrier data centers and/or networks.

