Major Incident Manager

Overview

LTIMindtree Limited is an Indian multinational information technology services and consulting company. A subsidiary of Larsen & Toubro, the company was incorporated in 1996 and employs more than 90,000 people.

Job Description

Mandatory Skills: SOC Incident Management
Primary Skills:
1. Minimum 5 years of experience in Security Operations and Incident Response; candidates must have hands-on experience with Splunk and CrowdStrike.
2. Ensure compliance with SLAs, adherence to process, and continuous process improvement to achieve operational objectives.
3. Revise and develop processes to strengthen the current Security Operations Framework; review policies and highlight the challenges in managing SLAs in alignment with the customer.
4. Responsible for team and vendor management, overall use of resources, and initiation of corrective action where required for the Security Operations Center.
5. Perform threat management, threat modeling, identify threat vectors and review use cases for security monitoring
6. Responsible for integration review of standard and non-standard logs in SIEM
7. Prepare and submit reports, dashboards and metrics for SOC operations, and present them to senior management.
8. Coordinate with stakeholders and build and maintain positive working relationships with them.
9. Provide support to the Security Operations Center (SOC) during incident response, event monitoring, and threat hunting activities. Responsibilities include cyber threat analysis support, research, recommending appropriate remediation and mitigation.
10. Incident & Problem Management – Monitoring, Validation, Analysis, Triage, Escalation, Response and Resolution
11. SIEM - Log source integration
12. Use Case Fine tuning and New Use case creation
13. Proficient in one or more of the following languages: PowerShell, Bash, Python or Visual Basic, to support cyber threat detection or reporting. Experience implementing security APIs is also considered.
14. Candidate must have a deep understanding of several of the following fields: Email security (including PDF and Document analysis), digital media forensics, monitoring and detection, incident response, vulnerability assessment, penetration testing, cyber intelligence analysis and network analysis
15. Deep understanding of either the Lockheed Martin Cyber Kill Chain or the MITRE ATT&CK framework (MITRE ATT&CK preferred)
16. Cyber threat analysis support, research, and recommendation of appropriate remediation and mitigation
17. Trending and correlation of monitored events to build new Indicators of Compromise (IOCs), support attack attribution, and help establish countermeasures that increase cyber resiliency
18. Identification of advanced cyber threat activities, Endpoint Detection and Response, intrusion detection, incident response, malware analysis, security content development (e.g., signatures, rules) and cyber threat intelligence

Educational Requirement

Bachelor's Degree in Computer Science or a related field preferred, and 7+ years' experience in an information technology field with a minimum of 3 years of experience as a Tier III senior cybersecurity analyst performing intelligence analysis, collection management and technical analysis.


Skills & Requirements

SOC Incident Management, Major Incident Management, SOC Operations, Cyber, Lockheed Martin Cyber Kill Chain, MITRE ATT&CK, PowerShell, Bash, Python, SIEM.