Incident Response Analyst

Level 2 Incident Response Analyst
Role Overview: As a Level 2 Incident Response Analyst, you will play a pivotal role in enhancing the cybersecurity posture of Maharashtra. Your expertise will contribute to deep investigations, escalated incident handling, and proactive threat mitigation. This position requires 5 to 7 years of experience and a commitment to maintaining the security of critical systems. Responsibilities and Deliverables: 1.Deep Investigation of DNS Lookups: oAnalyze DNS queries and responses to identify anomalies. oInvestigate suspicious domain names, IP addresses, and communication patterns. oCollaborate with other teams to uncover hidden threats. 2.Handle Escalated Investigations: oReceive escalated incidents from Level 1 analysts. oConduct in-depth analysis of security incidents. oDetermine root causes, impact, and potential remediation steps. 3.Provide Onsite / Off-site Incident Response Support: oRespond promptly to incidents, whether on-site or remotely. oCoordinate with incident response teams, law enforcement, and other stakeholders. oEnsure effective containment and eradication of threats. 4.Intel Advisory Review and Dissemination: oReview threat intelligence reports and advisories. oDisseminate relevant information to internal teams and external partners. oContribute to threat briefings and situational awareness. 5.Attack Surface Validation: oAssess the organizations attack surface comprehensively. oIdentify vulnerabilities, misconfigurations, and potential entry points. oCollaborate with vulnerability management teams to prioritize remediation efforts. Qualifications and Skills: Experience: 5 to 7 years of hands-on experience in incident response, cybersecurity, or related fields. Education: Bachelors degree in Cybersecurity, Computer Science, or a relevant discipline. Certifications (Preferred): oCertified Incident Handler (GCIH) oCertified Ethical Hacker (CEH) oOffensive Security Certified Professional (OSCP) Technical Skills: oProficiency in analyzing DNS traffic, network protocols, and log data. oFamiliarity with SIEM tools, threat intelligence platforms, and forensic analysis. oKnowledge of malware analysis techniques. Soft Skills: oStrong analytical and problem-solving abilities. oEffective communication and collaboration skills. oAbility to work independently and as part of a team. Work Schedule: Operating Time: 9.5 hours per day, 5 days a week (standard business hours, working in shift as per customer need). Additional Notes: Applicant must be willing to sign an NDA, and undergo security verification, including police verification. Applicant must be an Indian national. The role is primarily on-premises only, with limited remote support. The success of the project relies on the integrity and dedication of the incident response team. Understanding Cloud Architectures Proficiency with Cloud Provider Tools Automation and Orchestration Forensic Investigation in Cloud Cloud-Specific Security Controls 1.Deep Investigation of DNS Lookups:,4.Intel Advisory Review and Dissemination,5.Attack Surface Validation