Job Description
About The Company
Tata Communications Redefines Connectivity with Innovation and IntelligenceDriving the next level of intelligence powered by Cloud, Mobility, Internet of Things, Collaboration, Security, Media services and Network services, we at Tata Communications are envisaging a New World of Communications
Experience Required: 4+ years in Cybersecurity, with 2+years hands-on Anti APT tool and in IR
Reports To: Security Operations Lead / SOC Manager
Location: Jaipur
Job Type: Full-time, Customer locations
Job Summary
We are looking for a highly skilled Anti-APT and IncidentResponse Specialist to lead the detection, analysis, and remediation ofsophisticated cyber threats, including Advanced Persistent Threats (APTs). Thecandidate will work closely with threat intelligence, SOC, and forensic teamsto respond to incidents, contain threats, and fortify the environment againstfuture attacks.
Key Responsibilities
Anti-APT Operations:
Monitor for indicators of APT campaigns using threat intelligence feeds, SIEM, EDR, NBAD, and anomaly detection tools.
Identify and analyze tactics, techniques, and procedures (TTPs) used by threat actors aligned with MITRE ATT&CK.
Leverage threat intelligence to proactively hunt and neutralize stealthy threats.
Incident Response (IR)
Lead and execute all phases of incident response: identification, containment, eradication, recovery, and lessons learned.
Perform forensic analysis on systems and logs to determine the root cause, scope, and impact of security incidents.
Collaborate with IT, SOC, and legal/compliance teams during major incidents and breach investigations.
Create and maintain IR playbooks, response workflows, and escalation procedures.
Detection And Prevention
Work with SIEM and SOAR teams to improve alert fidelity and develop custom correlation rules.
Coordinate with endpoint, network, and cloud teams to plug gaps and strengthen defenses post-incident.
Assist in configuring anti-APT technologies like sandboxing, deception platforms, and EDR/XDR solutions.
Required Skills And Qualifications
Strong knowledge of APT groups and attack frameworks (e.g., MITRE ATT&CK, Lockheed Martin Kill Chain).
Hands-on experience in incident response, digital forensics, threat hunting, and malware analysis.
Proficiency With Tools Such As
EDR (e.g., CrowdStrike, SentinelOne, Carbon Black)
SIEM (e.g., Splunk, QRadar, ArcSight)
Forensics tools (e.g., FTK, EnCase, Volatility)
Threat intel platforms (MISP, Anomali, ThreatConnect)
Strong understanding of Windows/Linux internals, memory/process analysis, and network forensics.
Experience writing detection rules (Sigma, YARA) and incident reports.
Preferred Qualifications
Certifications: GCIH, GCFA, GNFA, CHFI, OSCP, or similar.
Experience with APT campaigns linked to sectors like government, BFSI, or critical infrastructure.
Exposure to cloud incident response (Azure, AWS, GCP) and OT/ICS threat environments.
Education Requirements
BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA
Certification
CEH/CSA/CHFI
