Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Security Threat Hunting, DFIR
Good to have skills : NA
Minimum 5 Year(s) Of Experience Is Required
Educational Qualification : 15 years full time education
Summary
As part of the Cyber Resilience team, we are seeking a highly skilled Incident Response Consultant / DFIR Specialist to support the identification, investigation, containment, and remediation of cyber security incidents. This role is ideal for professionals with hands-on experience in digital forensics, malware analysis, ransomware response, threat hunting, and breach investigation.
The candidate will work closely with internal teams, clients, and stakeholders to manage active incidents, perform forensic analysis, and recommend remediation strategies to strengthen cyber resilience.
Roles & Responsibilities
Support cyber incident response investigations across endpoints, servers, cloud, and network environments
Perform initial triage, containment, and recovery support activities during active incidents
Investigate security incidents including ransomware, phishing, business email compromise, malware infections, insider threats, and data breaches
Conduct host-based and network-based forensic analysis under guidance from senior team members
Analyze logs, alerts, and endpoint telemetry to help determine attack scope, root cause, and business impact
Identify and document indicators of compromise (IOCs), attacker techniques, and suspicious activity
Assist with malware triage and suspicious file analysis
Prepare timely incident documentation, technical findings, and investigation summaries
Support coordination with internal teams and stakeholders during incident response activities
Contribute to remediation recommendations and post-incident improvement actions
Participate in tabletop exercises, incident simulations, and cyber readiness activities
Assist with threat intelligence review, alert validation, and incident readiness planning
Professional & Technical Skills
Experience in Incident Response, DFIR, SOC, Threat Hunting, or Cyber Security Operations
Strong understanding of incident handling lifecycle
Hands-on experience with Windows, Linux, and macOS investigation
Experience with log analysis, SIEM, EDR, and endpoint investigation tools.
Familiarity with one or more tools such as: Splunk, Microsoft Defender, CrowdStrike, Velociraptor, EnCase, FTK, X-Ways, Wireshark
Ability to write professional technical reports and communicate findings to both technical and non-technical audiences
Preferred Qualifications
Experience handling enterprise-scale cyber incidents
Exposure to malware analysis and threat intelligence
Experience in cloud incident response across AWS, Azure, or GCP
Knowledge of MITRE ATT&CK and forensic methodologies
Experience with tabletop exercises, red team coordination, or breach readiness programs.
Relevant certifications such as GCIH, GCFA, GNFA, CISSP, CHFI, Security+
Soft Skills
Strong analytical and problem-solving ability
Calm and effective under pressure
Excellent stakeholder communication
Strong documentation and reporting skills
Ability to work independently and collaboratively in fast-paced environments
Additional Information
- The candidate should have minimum 5 years of experience in Security Threat Hunting.
- This position is based at our Gurugram office.
- A 15 years full time education is required.
