Security Consultant

Job Summary: The Security consultant will be responsible for end-to-end Incident Response which includes detecting, analyzing, and responding to security incidents to protect an organizations IT infrastructure and products. The role involves working with product teams, leveraging tools, and following structured incident response policies and process. Key Responsibilities: 1. Incident Detection Analysis - Monitor security alerts from SIEM, IDS/IPS, and endpoint detection tools. - Investigate security events to determine impact, scope, and root cause. - Analyze network traffic, logs, and forensic artifacts to detect malicious activity. - Utilize frameworks like MITRE ATTCK, NIST 800-61, and Cyber Kill Chain for attack analysis. 2. Incident Response Mitigation - Respond to security incidents and perform containment, eradication, and recovery. - Document incident response actions and maintain playbooks for future reference. - Collaborate with IT, Security, and DevOps teams to implement security fixes. - Conduct malware analysis and reverse engineering when required. 3. Threat Intelligence Hunting - Stay updated on emerging threats and vulnerabilities. - Perform proactive threat hunting to detect potential attacks before they escalate. - Work with Threat Intelligence teams to assess indicators of compromise (IoCs). 4. Security Automation SOAR - Automate security incident response tasks using SOAR platforms. - Develop and optimize playbooks for automated threat containment. 5. Compliance Reporting - Ensure compliance with regulatory standards such as ISO 27001, NIST, PCI-DSS, SOC 2. - Prepare detailed incident reports and post-incident reviews (PIRs). - Assist in security audits and tabletop exercises for incident preparedness. Required Qualifications Skills Technical Skills: - SIEM Platforms - Endpoint Security - Forensics Malware Analysis - Threat Intelligence Tools - Programming/Scripting: Python, PowerShell - Cloud Security: AWS, Azure security best practices Soft Skills: - Strong problem-solving and analytical thinking. - Effective communication skills for technical and non-technical audiences. - Ability to work in high-pressure situations and make quick decisions. - Strong collaboration skills to work with cross-functional teams. Preferred Certifications: - Certified Incident Handler (GCIH) GIAC - Certified Cyber Incident Responder (ECIH) EC-Council - Certified Information Systems Security Professional (CISSP) (Nice to have) - Microsoft Certified: Security Operations Analyst Associate (Nice to have) - AI/ML Knowledge (Nice to have)