Incident Response Analyst

Level 2 Incident Response Analyst Role Overview: As a Level 2 Incident Response Analyst, you will play a pivotal role in enhancing the cybersecurity posture of Maharashtra. Your expertise will contribute to deep investigations, escalated incident handling, and proactive threat mitigation. This position requires 5 to 7 years of experience and a commitment to maintaining the security of critical systems. Responsibilities and Deliverables:

1. Deep Investigation of DNS Lookups :

• Analyze DNS queries and responses to identify anomalies.
• Investigate suspicious domain names, IP addresses, and communication patterns.
• Collaborate with other teams to uncover hidden threats.

1. Handle Escalated Investigations :

• Receive escalated incidents from Level 1 analysts.
• Conduct in-depth analysis of security incidents.
• Determine root causes, impact, and potential remediation steps.

1. Provide Onsite / Off-site Incident Response Support :

• Respond promptly to incidents, whether on-site or remotely.
• Coordinate with incident response teams, law enforcement, and other stakeholders.
• Ensure effective containment and eradication of threats.

1. Intel Advisory Review and Dissemination :

• Review threat intelligence reports and advisories.
• Disseminate relevant information to internal teams and external partners.
• Contribute to threat briefings and situational awareness.

1. Attack Surface Validation :

• Assess the organization’s attack surface comprehensively.
• Identify vulnerabilities, misconfigurations, and potential entry points.
• Collaborate with vulnerability management teams to prioritize remediation efforts.

• Experience : 5 to 7 years of hands-on experience in incident response, cybersecurity, or related fields.
• Education : Bachelor’s degree in Cybersecurity, Computer Science, or a relevant discipline.
• Certifications (Preferred) :
• Certified Incident Handler (GCIH)
• Certified Ethical Hacker (CEH)
• Offensive Security Certified Professional (OSCP)
• Technical Skills :
• Proficiency in analyzing DNS traffic, network protocols, and log data.
• Familiarity with SIEM tools, threat intelligence platforms, and forensic analysis.
• Knowledge of malware analysis techniques.
• Soft Skills :
• Strong analytical and problem-solving abilities.
• Effective communication and collaboration skills.
• Ability to work independently and as part of a team.

• Operating Time : 9.5 hours per day, 5 days a week (standard business hours, working in shift as per customer need).

• Applicant must be willing to sign an NDA, and undergo security verification, including police verification.
• Applicant must be an Indian national.
• The role is primarily on-premises only, with limited remote support.
• The success of the project relies on the integrity and dedication of the incident response team.