1. Monitor and analyze the alerts generated on incident management consoles such as SIEM, DLP, Threat Intelligence etc
2. Investigate, log, update and resolve Security Incident within the agreed timeline and as per defined process
3. Run Incident management bridge, follow escalation matrix as defined in the process document
4. Conduct Root cause analysis and prepare incident report as per the agreed format
5. Monitor InfoSec owned managed Infrastructure for issues
6. Identify and block various IOCs with applicable security policies / configuration changes
7. Work closely with cross-functional teams within SBI Card and partner with key stakeholders to manage security issues/incidents within defined timelines
8. Maintain and publish Security incident MIS reports as per agreed process at predefined frequency
9. Perform process documentation and compliance adherence Measures of Success 1. Timely Logging, Investigating, updating, resolving and reporting of Security Incidents
2. Timely and accurate publication of MIS / business dashboards
3. Increase in maturity incident coordination, improvement in response time by all stakeholders
4. Creation and publication of Incident report as per the prescribed format within the agreed timeframe
5. Process Adherence as per MOU
Technical Skills
Sets Required
1. Knowledge of Security Operations Center (SIEM, DLP, Anti-Virus etc alert review and triage)
2. Knowledge of Security Incident Management
3. Knowledge of Windows UNIX Operating system
4. Basic knowledge on ITIL procedures
5. Understanding of Security Terminology ie Network Security, Vulnerability, Anti-Virus, Virus/Trojans/Spam/Attack Pattern
6. Knowledge of Information security management standards like ISO 27001, CEH, CHFI
7. Strong overall ability to troubleshoot and analyze all hardware and software issues
8. Industry-standard certifications such as ISO27001 LI, CCNA or other desired security certifications as preferred.
9. One or more of the following certifications: GIAC Information Security Expert (GSE) or GIAC Certified Incident Handler (GCIH).
Competencies critical for role with High Proficiency
- Stakeholder Management
- Analytical ability
- Process Orientation
- Problem Solving
Key External Stakeholder(s)
Key Internal Stakeholder(s)
- Information technology, Senior leaders like CISO , DPO and other Business/functional leaders
Must have
Qualification
- Bachelor degree / B.tech in Computer Science / IT or related area
- Overall Experience 6 - 9 years of post qualification experience
Relevant Experience
2 - 5 years of experience in cyber security incident handling and management, information security, network engineering with emphasis in cyber security issues and operations Preferred Industry(If any) BFSI / NBFC /E-commerce/IT ITES / Telecom