NAB | Security Operations Center Consultant | Gurugram
Job details
Why NAB?

We believe success comes from our people. We're committed to supporting your talent and skills through your career, as you help us build a culture that effects change for our customers - and for the community too.

We are an equal opportunity employer and have a diverse and inclusive workforce supported by our African Australian and Indigenous employment programs, Graduate and Trainee programs. We are proud of our LGBTI Gold employer status by AWEI, and our commitment to gender equality.

Purpose

Capabilities, Experience & Qualification Requirements

•This role exists to execute the cybersecurity incident detection and response function within Security Services.
•The role is also responsible for contributing to the ongoing maturity of the team, processes and frameworks.
•The role requires good technical skills and knowledge of incident detection and response.

Essential capabilities

•SIEM Splunk
•IDS/OPS
•CrowdStrike endpoint protection
•MS Defender Suite

Experience

•6+ years of experience in a SOC, Offensive Security, intelligence, detection, hunting and/or SOAR role
•Incident response methodologies and techniques
•Detection and mitigation strategies for a broad range of cyber threats, including malware, DDoS, hacking, phishing, lateral movement and data exfiltration
•Common enterprise technologies, such as Windows, Linux, Active Directory, DNS, DHCP, web proxies, SMTP, TCP/IP, AWS and Azure
•Malware analysis and reverse engineering, including dynamic and static analysis
•Ability to perform vulnerability assessments and penetration testing, including network, infrastructure and application exploitation
•Operational usage of common analysis and response tooling, including Splunk, FireEye, CrowdStrike, Phantom, Akamai etc.
•NIST framework
•MITRE ATT&CK, Lockheed Martin Cyber Kill Chain™ or similar methodologies

Qualification Requirements

•Risk Ready - For New Starters Only
•Safety and Security

Role Specific

•Respond to cyber-security threats, vulnerabilities, events and incidents
•Perform incident response investigations to resolution
•Support the team in meeting operational metrics and requirements
•Identify tactical detection/mitigation strategies across the environment
•Continuously contribute to the operational efficiency and maturity of the team, processes, detection use cases and response playbooks
•Maintain an up-to-date knowledge of cyber threats
•Research, new techniques, new tooling/development
•Contribute to continuous learning and knowledge sharing within the team
•Work in a business hours + rostered on-call environment
•As required, support internal stakeholders and projects
•Act as technical contributor during major security incidents
•Work with Threat Intelligence, Detection and Automation teams to prioritise and develop detection capability
•Work with the Red Team to actively test and validate detection/response capabilities
•Work in a 'business hours, non business hours, weekend shifts + rostered on-call' environment
•Other related activities as required by Management or CSOC Leads AGG