Effective triaging and prioritization of incoming alerts per MITRE ATT&CK framework. 

Expertise with host and network-based security tools 

Ensure the timely identification, response, investigation, and remediation of all security events and incidents 

Thorough understanding of advanced security and network concepts (Operating systems, intrusion/detection, TCP/IP, ports, etc.) 

Develop, maintain, and enhance related IR processes and playbooks, documentation,and other supporting procedures 

Expertise with network monitoring in a SOC environment 

Develop and maintain program metrics, KPIs and reporting for the incident response program to drive continuous improvement 

Aid in the evaluating, planning, configuration, and implementation of supporting security initiatives and solutions 

Ensure security industry standards and best practices are identified and integrated into the program approach and methodologies 

Expertise in Malware Analysis and Memory Forensics. 

Knowledge in cloud response and containment 

Ability to navigate ambiguity and develop working with Teams 

Excellent written and oral communication skills 

Knowledge of different types of vulnerabilities like OWASP Top 10/20. 

Programming knowledge with a popular modern language utilized by above tools (i.e. Java, PHP, Python, Ruby etc.) 

Life-long learner - always stay up to date with latest attack vectors, vulnerabilities, remediation and protection paradigms, etc. 

Knowledge: 

• Experience managing and leading security analysts in a security operation center. 
• Proven results developing and implementing methods, processes, and procedures for detecting, responding, and resolving computer security incidents 
• Deep understanding of present-day cyber-threats, attacker techniques and behaviors and effective methods to both detect & repel these threats for a global organization. 
• Experience with supporting security technologies such as firewalls, proxies, web and email filters, application whitelisting, sandboxing, SIEM, threat intelligence, vulnerability scanning, syslog, IDS/IPS, DLP,EDR, Cloud etc. 
• Strong technology experience with IT technologies including networks, endpoints, virtualization, cloud, operating systems, email, storage, databases, etc. 
• Proficiency leading projects and project management experience with a focus on delivery and execution 
• Highly motivated and self-directed with a passion for solving complex problems 

Must be able to prioritize based on risk, schedule and track to deadlines for self and team members 

Experience

• 5-10 years experience in Information Security Domain 
• Graduation Degree/Btech 

CEH / OSCP / CHF certifications is added advantage