Incident Response Commander

Company Description

Simelabs, part of the Astek Group, is a leading provider of innovative software solutions, specializing in business mobility, Artificial Intelligence, Data Science, Machine Learning, IoT, Cloud Computing, and AR/VR technologies. Headquartered in Kochi, Kerala, we excel at transforming traditional IT infrastructures and implementing digital solutions, helping businesses thrive in today’s dynamic digital landscape. Our team of passionate professionals delivers sophisticated and impactful technological solutions to a global clientele, including six Fortune 500 companies. As part of the Astek Group, we leverage a global network to bring greater innovation and scale to our services.

Role Description - Cyber Incident Response Commander (US Timing)

Maintain documentation and process particularly the incident response plan (IRP):

o  Maintain up to date IRP & appendix

o  Maintain the Plan in relationship with other plans and policies in effect

o  Refine the specific incident playbooks so that each actor is as relevant as possible

o  Improve process with legal, communication departments

o  Write IRPs contextualized to a specific scope (Ships, Region, Subsidiaries…)

o  Regroup lessons learned and provide improvement recommendations

o  Establish links between incidents

o  Provide evidence to external or internal auditors

Manage information security incidents:

o  Assume the Incident Commander role, bringing business and technical units to the table

o  Assess the incident severity

o  Declare major incidents officially based on risk and regulation criteria

o  Manage incidents according to the Plan and the included playbooks

o  Ensure each team member operates within their defined responsibilities and collaborates effectively with others

o  Prioritize Forensic activities

o  Analyse & prioritise Incidents

o  Follow mitigation & recovery

o  Communicate, notify, report

o  Participate to Cyber Defense Center transversal collaboration activities

o  Participate to projects, improvements and compliance efforts related to CERT matters

Qualifications

You hold relevant cybersecurity industry certifications, including:

• GCFA
• CIH
• CISSP
• CEH
• ECSA
• ITIL Foundation
•  Knowledge of security tools and techniques
• Understanding of SOC and forensics techniques
• You are from a STEM, cybersecurity or equivalent academic background, focused on rigor and optimization
• You have 5 or more years of experience in a role with similar responsibilities, including CERT, SOC, SecOps or GRC
• You have a good understanding of information security incident management processes and methodologies (e.g.: ISO 27035, NIST framework or SANS 6-steps)
• You can convey an information security message to an organization’s management/executive
• Experience in the transportation/shipping/logistics is a plus
• You master oral and written English in a professional context
• You know how to keep your cool under pressure and think straight in moments of chaos