Sr Advisor, Incident Response
Bangalore, India

Company Description :

Dell provides the technology that transforms the way we all work and live. But we are more than a technology company; we are a people company.

We inspire, challenge and respect every one of our over 100,000 employees. We also provide them with unparalleled growth and development opportunities.

Why Work For Us :

Dell is primed to recruit the best and brightest candidates from all across the globe. We take pride in fostering a winning, innovative, inclusive employee culture.

We also take calculated risks and we celebrate big victories when they pay off.

Our Employee Value Proposition :

Our Culture Code unites us and makes us a great family of companies and a great place to work. It’s how we run the business, go to market, work together and provide inspirational leadership.

Our culture code is defined by our values and is made real every day by defining expectations for how we work and how we lead.

The Dell Security & Resiliency organization manages the security risk across all aspects of Dell’s business. We are currently experiencing incredible growth in order to meet the security needs of the world’s largest technology company.

With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at Dell and further develop your career.

Dell is a worldwide provider of information technology services and business solutions to a broad range of clients. We seek men and women who share our values, thrive in a team environment, and recognize the importance of accountability; people who strive to exceed expectations to ensure our Clients' success.

We are currently seeking a Senior Advisor, Operational Detection, Analysis and Response, to join our Security & Resiliency team, based in Bangalore, India.

Key Responsibilities :

  • Incident Response Process: owns the critical process steps (detection, validation, containment, remediation, and communication) for computer-based security events and incidents such as malware infections, potential compromise, Distributed Denial of Service (DDoS), etc.
  • Drives our strategy for SIEM and oversees the effectiveness of the technology and process. Involves appropriate tuning, correlation of critical logs, connection to our incident response process, and reporting of relevant metrics.
  • Respond to critical security incidents and lead escalation teams to close with response, containment and remediation.
  • Create, maintain and promote a set of CSIRT operation playbooks to effectively trigger and execute the security incident response process.
  • Manages the current state of logging and monitoring, maintains a vision of ideal state of logging and monitoring, and drives a prioritized roadmap to reduce the gaps.
  • Form and lead a leveraged virtual incident response team with the various global IT teams and business units and coordinate resources to effectively perform incident response tasks
  • Provide security control enhancement recommendations based on security incident data
  • Respond and perform technical security investigations on security incidents, root cause analysis, recommend and mitigate the effects caused by an incident
  • Communicate and build effective relationships with people at all levels
  • Manage and drive to closure all audit issues relating to the Incident Response and Management process
  • Build security utilities and tools for internal use that enable you and your fellow teammates to operate at high speed and broad scale
  • Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities
  • Provide situational awareness on the current threat landscape and the techniques, tactics and procedures associated with specific threats
  • Plan and execute annual Security Incident Response tabletop exercises
Job Requirements :

  • Bachelor’s or Master’s degree in Computer Science, Information Systems or equivalent qualification.
  • At least 8 years of directly related experience in Information Security Threat Detection and Incident Response
  • Strong knowledge of networking fundamentals
  • Scripting expertise in one or more of the following languages (preferably Powershell / Python / Bash)
  • In-Depth knowledge of various types and techniques of cyber-attacks
  • Experienced with command-line interfaces
  • Experience in Log monitoring, Event analysis, data correlation, detection and prevention systems, firewalls, and DDOS prevention solutions.
  • Strong experience in Packet analysis tools (Zeek, tcpdump, Wireshark, ngrep etc.)
  • Strong experience in SIEM (Splunk, RSA Netwitness)
  • Hands-On experience working with EDR (CarbonBlack, Crowdstrike, ECAT etc)
  • Hands-On experience working with Forensic analysis tools (Encase, FTK, Volatility etc)
  • Excellent command of English, both written and verbal
  • Excellent problem-solving skills with the ability to diagnose and troubleshoot technical issues
  • Customer-oriented with a strong interest in customer satisfaction
  • The ability to learn new technologies and concepts quickly
  • Must possess one or more of the following certifications: CEH, CHFI, SANS GCIH, SANS GCFA
  • Experience in Vulnerability Assessment / Penetration is a plus