what you will do ?

• work on a diverse domain of information security across the organisation, most important infrastructure and data security
• responsible identifying security issues (external as well as internal), help stakeholders to mitigate and at frequent occasions build a solution around some of the complex problem statements implement/maintain security for cloud-based systems/applications
• formulate new detection ideas based on newly-published research, industry trends, or major incidents.
• respond to security incidents and think of how to prevent such incidents
• develop and enhance the CRED’s detection, monitoring and response capabilities
• automate various security incident responses using playbook
• build in-house security analytics solutions using open source tools (log parsing, event correlation and threat detection)
• research/conduct threat hunting operations using known adversary tactics, techniques and procedures to detect advanced threats
• build in-house security frameworks to establish a state of art security culture inside tech
• be responsible to track security incident responses across the organisation
• assist with creating security awareness and maintaining prudent security engineering culture within an organisation
• enable compliance in teams and help them achieve some of the industry’s best practices (e.g. PCI DSS, ISO 27001)

you should apply if you have:
 

• 2-6 years of experience in information security
• proficiency in one of the programming languages (python, golang, bash)
• the ability to be a go-to person and communicate effectively with stakeholders (engineers, product, business teams)
• an understanding of MITRE ATT&CK, Cyber Kill Chain, Diamond Model
• knowledge in operating centralised log analysis tools - ELK, Splunk, etc
• experience with deploying custom-built and scalable security solutions & enterprise or open-source security tools - SIEM, IDS/IPS, EDR, FIM, PAM
• experience with handling incident response life-cycle (detection, identification, containment, analysis, remediation and reporting)
• the ability to read packet capture or memory dumps and create regex on the fly.
• a GitHub profile, blog or a conference presentation
• the ability to influence organisations and stakeholders by practising a data-driven approach
• ability to be proactive in keeping yourself updated with security news/issues/breaches/tools/blogs on the internet
• the zeal to explore diverse domains of information security and have a fast learning curve
• the ability to distill complex security threats and risks into simple terms for non-security (and even non-technical) stakeholders.