Deloitte Hiring 2022. Full details of the Deloitte notification are below. Interested and eligible candidates can apply now. At Deloitte, we've invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. As part of our efforts, we provide our professionals with a variety of learning and networking opportunities, including exposure to leaders, sponsors, coaches, and challenging assignments, to help accelerate their careers along the way.
Vacancy details:
- Post Name: Cyber Threat Management Analyst (L1)/Sr. Incident Response Analyst (L2)/Incident Response Leader (L3)
- Qualification: Any Graduate
- Experience: 3 – 8 years
Job Description: Greetings from Deloitte!
Important Details :
- Date of posting: 10-11-2022
- Location: Mumbai (All Areas)
- Selection Process: The selection will be on the basis of Interview.
- Mode of Interview: Virtual
- Interview Rounds: HR
Roles and Responsibilities
We are running a SOC hiring drive in virtual mode on 19th Nov '22 for Deloitte India, Thane (Mumbai CEC) location.
Interested candidates must have hands-on experience with Splunk and should be ready to work 24x7 shift timings. Additional benefits will be provided once you are part of the team!
Job Description for L1 / L2 / L3:
Role: Cyber Threat Management Analyst (L1)
Preferred Knowledge
Demonstrates proven expertise and success in incident handling, triage of events, network analysis and threat detection, and trend analysis. Should have the following skills:
- Deep understanding of computer intrusion activities and of incident response techniques, tools, and procedures
- Knowledge of Windows, Active Directory, DNS and Linux operating systems
- Good experience in SOC monitoring through Splunk SIEM
- Knowledge of SOAR technologies and working with playbooks (Cortex, Phantom, Demisto)
- Working experience and knowledge of ITSM tools for incident management
- Must be action oriented and have a proactive approach to solving issues
- Knowledge of security logs and log quality review
- Knowledge of IT (operating systems, networking, databases) and of IT security (system and network security), including IT security tools
- Good knowledge of office collaboration tools
Responsibilities & Duties (Delivery)
- Detect, analyse, investigate, and report qualified security incidents to the client as per the defined SLA
- Provide recommendations for the security incidents reported, as per SLA
- Investigate incidents using various security event sources (FW, IDS, proxy, AD, EDR, DLP, etc.)
- Investigate non-standard incidents and execute standard scenarios
- Provide dashboards and data related to incidents/offenses for governance reports
- Escalate to L2 if investigations uncover unusual or atypical situations
- Perform system health checks of security monitoring devices and report anomalies to the admin/engineering team
- Escalate to client management if incidents are not closed by the client as per the escalation metrics
- Close incidents on the ITSM tool with accurate resolution comments, recording the true-positive or false-positive classification
- Monitor unhealthy log sources/data sources and escalate to the engineering team to fix them
Role: Sr. Incident Response Analyst (L2)
Responsibilities
- Participate in incident response (IR) efforts: detect, identify, respond to, contain and remediate all information security incidents
- Rapidly and accurately determine the source of a security incident and move quickly to identify and apply containment, mitigation, and remediation steps
- Contribute to the execution of cyber security operations, incident response, and investigations spanning all functions of the Corporate Security organization
- Track and monitor incident actions, applying intelligence and situational awareness to prioritise incident actions based on risk
- Responsible for incident and breach communications, assessments, and reports, including customer-facing reports to leadership and executive management, for the purpose of enabling senior management to make decisions in a crisis
- Develop and document processes to ensure consistent and scalable response operations
- Deliver tabletop IR assessments and real-life IR simulations at a technical and executive level
- Conduct in-depth root cause analysis on complex malware and user/system behaviour events
- Gather and analyse forensic evidence for cyber security incidents and investigations
- Develop and document enhanced event analysis and incident response processes and procedures
Skills required
- 3-5 years of Information Security experience
- Ability to work in time-sensitive and stressful situations with ease and professionalism; an efficient and versatile communication style
- Evidence handling
- Data acquisition (disk, memory, mobile, cloud, enterprise-wide)
- Digital forensics (Windows, Mac OS, Linux/Unix)
- Thorough understanding of the Cyber Kill Chain and the MITRE ATT&CK framework
- Experience with one or more SIEM tools (Splunk, Azure Sentinel, McAfee ESM, LogRhythm) is required
- Experience with EDR tools for incident response and threat hunting (CrowdStrike, Cortex XDR, MS Defender, SentinelOne)
- Strong knowledge of and experience with commonly used forensic toolsets, including EnCase and FTK
- Experience reviewing raw logs and performing advanced data correlation and analysis (e.g. firewall, network flow, IPS, endpoint protection, web application, host OS, database, AAA, etc.)
- Experience with network- and host-based forensic analysis and techniques
- Experience with malware analysis and an understanding of attack techniques
- Industry certifications such as ECIH v2, CHFI, GCIH or GCIA, along with experience, will be a bonus; experience in lieu of certification will be taken into consideration
Abilities
- Strong English verbal and written communication, report writing and presentation skills
- Ability to multitask and prioritize work effectively
- Responsive to challenging tasking
- Highly motivated self-starter with attention to detail
- Strong analytical skills and efficient problem solving
- Capable of operating in a challenging and fast-paced environment
Role: Incident Response Leader (L3)
Responsibilities
- Provide technical incident response guidance to the L1 and L2 incident response analysts
- Manage client engagements, with a focus on incident response and investigation; provide both subject matter expertise and project management experience, serving as the point person for client engagements
- Assist with client incident scoping calls and participate in the incident from kick-off through full containment and remediation
- Security analytics: efficiently distill actionable information from large data sets for reporting, hunting, and anomaly detection
- Recommend and document specific countermeasures and mitigating controls alongside post-incident analysis findings
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Conduct Digital Forensics and Incident Response (DFIR) analysis, network log and network PCAP analysis, malware triage, and other investigation-related activities in support of incident response investigations
- Supervise Digital Forensics and Incident Response staff, and assist with performance reviews and mentorship of cybersecurity professionals
- Mature the security incident response process to ensure it meets the needs of the clients
- Interact with clients' CSIRT teams to cater to continuous and/or ad-hoc client requests for incident response services
- Possess the experience, credibility and integrity to perform as an expert witness
- Be involved in business development activities and support pre-sales teams in identifying, marketing, and developing new business opportunities
- Assist with researching and distributing cyber threat intelligence developed from incident response activities
- Research, develop and recommend infrastructure (hardware and software) needs for DFIR, and evolve existing methodologies to enhance and improve our DFIR practice
Skills required
- 8-10 years of Information Security experience, with at least 5 years of incident response experience
- Solid understanding of MITRE ATT&CK, the NIST cyber incident response framework and the Cyber Kill Chain
- Understanding of threat hunting and threat intelligence concepts and technologies
- Experience leveraging technical security solutions such as SIEM, IDS/IPS, EDR, vulnerability management or assessment, malware analysis, or forensics tools for incident triage and analysis
- Deep experience with the most common operating systems (Windows, macOS, Linux, Android, iOS) and their file systems (ext3/4, NTFS, HFS+, APFS, exFAT, etc.)
- Proficiency with industry-standard forensic toolsets (e.g. EnCase, Axiom/IEF, Cellebrite/UFED, Nuix and FTK)
- Experience with enterprise-level cloud infrastructure such as AWS, MS Azure, G Suite, O365, etc.
- Experience with malware analysis and an understanding of attack techniques
- CISSP, ECIH v2, GCFA, GCIH, EnCE or equivalent DFIR certification
- Ability to work in time-sensitive and complex situations with ease and professionalism; an efficient and versatile communication style
- Good verbal and written communication skills; excellent interpersonal skills
Abilities
- Strong English verbal and written communication, report writing and presentation skills
- Ability to multitask and prioritize work effectively
- Responsive to challenging tasking
- Highly motivated self-starter with attention to detail
- Strong analytical skills and efficient problem solving
- Capable of operating in a challenging and fast-paced environment
Interested candidates, please mail your resumes to shwedas@deloitte.com / mthakkar.ext@deloitte.com
Regards,
Shweta Das
Talent Acquisition | Risk Advisory
Mumbai - IThink, Lodha Amara IThink Tower,
Kolshet Road, Sandoz Baug, Thane West, Maharashtra 400607
Click here for notification and Apply