Ennsee Technologies
Incident Responder
100% Remote
Must be local to Kerala
Must have 4-6 years of Relevant Experience
18-24 Months Contract
Shift: 2 PM to 10 AM
Overview:
The Incident Responder is responsible for leading the investigation and response efforts for cybersecurity incidents. This role involves coordinating with SOC team members, IT staff, and external stakeholders to effectively contain, mitigate, and remediate security breaches.
Technical Skills:
SIEM Systems: Experience with tools such as Splunk, IBM QRadar, LogRhythm, and Elastic SIEM.
EDR Platforms: Familiarity with CrowdStrike Falcon, SentinelOne, and Carbon Black.
Network Traffic Analysis: Proficient in tools like Wireshark, Zeek (formerly Bro), and tcpdump.
Forensic Analysis Tools: Knowledge of Autopsy, The Sleuth Kit (TSK), and Volatility.
Threat Intelligence Platforms (TIP): Experience with Anomali ThreatStream, ThreatConnect, and Recorded Future.
Malware Analysis Tools: Familiarity with VirusTotal, Cuckoo Sandbox, and IDA Pro.
Vulnerability Scanning Tools: Experience with Nessus, Qualys, and Rapid7 InsightVM.
Email Security Gateways: Knowledge of Proofpoint, Mimecast, and Cisco Email Security.
Key Responsibilities:
Incident Management:
Lead the identification, assessment, and prioritization of cybersecurity incidents, adhering to established protocols and escalation procedures.
Investigation:
Conduct in-depth analysis of security breaches using forensic tools and methodologies to gather evidence, determine root causes, and ascertain the extent of the compromise.
Response Coordination:
Collaborate with cross-functional teams, including SOC analysts, IT administrators, legal advisors, and law enforcement, to orchestrate timely and effective response actions.
Containment and Mitigation:
Implement containment measures to prevent further proliferation of security threats and deploy mitigation strategies to minimize impact on critical systems and data.
Remediation:
Develop and execute remediation plans to restore affected systems and infrastructure to a secure state, ensuring compliance with regulatory requirements and industry standards.
Communication:
Serve as the primary point of contact for communication with internal stakeholders, external vendors, and regulatory bodies, providing regular updates on incident status, response efforts, and post-incident reviews.
Documentation:
Maintain comprehensive documentation of incident response activities, including incident reports, forensic findings, and lessons learned, to facilitate continuous improvement and knowledge sharing within the organization.
Certifications (Preferred):
Certified Incident Handler (GCIH)
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker (CEH)
GIAC Certified Forensic Analyst (GCFA)
Certified Cloud Security Professional (CCSP)
CompTIA Cybersecurity Analyst (CySA+)
EC-Council Certified Incident Handler (ECIH)
CompTIA Security+
Ennsee Technologies
You must sign in to apply for this position.