Incident Response Analyst

LTTS India

Mumbai

Job Description: Level 2 Incident Response Analyst
Role Overview: As a Level 2 Incident Response Analyst, you will play a pivotal role in enhancing the cybersecurity posture of Maharashtra. Your expertise will contribute to deep investigations, escalated incident handling, and proactive threat mitigation. This position requires 5 to 7 years of experience and a commitment to maintaining the security of critical systems. Responsibilities and Deliverables: 1. Deep Investigation of DNS Lookups: o Analyze DNS queries and responses to identify anomalies. o Investigate suspicious domain names, IP addresses, and communication patterns. o Collaborate with other teams to uncover hidden threats. 2. Handle Escalated Investigations: o Receive escalated incidents from Level 1 analysts. o Conduct in-depth analysis of security incidents. o Determine root causes, impact, and potential remediation steps. 3. Provide Onsite / Off-site Incident Response Support: o Respond promptly to incidents, whether on-site or remotely. o Coordinate with incident response teams, law enforcement, and other stakeholders. o Ensure effective containment and eradication of threats. 4. Intel Advisory Review and Dissemination: o Review threat intelligence reports and advisories. o Disseminate relevant information to internal teams and external partners. o Contribute to threat briefings and situational awareness. 5. Attack Surface Validation: o Assess the organization's attack surface comprehensively. o Identify vulnerabilities, misconfigurations, and potential entry points. o Collaborate with vulnerability management teams to prioritize remediation efforts. Qualifications and Skills:

• Experience: 5 to 7 years of hands-on experience in incident response, cybersecurity, or related fields.
• Education: Bachelor's degree in Cybersecurity, Computer Science, or a relevant discipline.
• Certifications (Preferred):

o Certified Incident Handler (GCIH)
o Certified Ethical Hacker (CEH) o Offensive Security Certified Professional (OSCP)

• Technical Skills:

o Proficiency in analyzing DNS traffic, network protocols, and log data.
o Familiarity with SIEM tools, threat intelligence platforms, and forensic analysis. o Knowledge of malware analysis techniques.

• Soft Skills:

o Strong analytical and problem-solving abilities.
o Effective communication and collaboration skills. o Ability to work independently and as part of a team. Work Schedule:

• Operating Time: 9.5 hours per day, 5 days a week (standard business hours, working in shift as per customer need).

Additional Notes:

• Applicant must be willing to sign an NDA, and undergo security verification, including police verification.
• Applicant must be an Indian national.
• The role is primarily on-premises only, with limited remote support.
• The success of the project relies on the integrity and dedication of the incident response team.

Understanding Cloud Architectures
Proficiency with Cloud Provider Tools Automation and Orchestration Forensic Investigation in Cloud Cloud-Specific Security Controls

1. Deep Investigation of DNS Lookups:,4. Intel Advisory Review and Dissemination,5. Attack Surface Validation