

Job Description*
The role is in the Cyber Threat Defense (CTD) team of the bank. Key responsibilities of the role include detecting and responding to cyber-attacks against the bank’s applications as per established processes and procedures to ensure security, integrity, and confidentiality of the information, contributing to the enhancement of detection and preventive controls, and continually improving incident response capabilities.
Responsibilities*
•Prevent, detect, and respond to cyber-attacks against the bank’s applications by leveraging advanced tools, processes & procedures, and your technical experience & skills.
•Perform analysis to determine timelines, TTPs used by Threat Actors, and the impact of incidents, and report them to the Cyber Incident Management team as per the process.
•Brief management and control SMEs on the above analysis and collaborate to drive proactive control enhancements.
•Create and update detection rules to detect emerging threats by leveraging logs from various systems and applications.
•Create and update threat prevention and detection rules on Web Application to detect and block malicious activities.
•Collaborate with vendors and internal teams to fix any bugs, control issues or control upgrades.
•Apply a proactive understanding of cyber security threats to prevent incidents, enhance controls, and drive enterprise change.
Requirements*
Education* -BE/B.Tech/MCA
6+ Years
Foundational skills*
•Hands-on experience of 6+ years of preventing, detecting, and responding to application layer attacks in a large enterprise environment.
•Strong understanding of common exploits, web application attacks (OWASP Top 10 security risks and beyond), network protocols, and infrastructure/application logs (e.g. weblogs, AD logs, security logs) for efficient intrusion analysis.
•Advanced log analysis skills leveraging tools such as Splunk or other SIEM solutions and scripting/regular expressions to find targeted attacks and support hunting exercises.
•Good verbal and written communication skills for effective collaboration and incident reporting in a global environment.
•Broader understanding of the cyber threat environment, common TTPs used by Threat Actors, and defensive controls to defend against such threats.
Desired skills*
•Hands-on experience of managing rules on IPS/IDS from leading vendors is desirable.
•Hands-on experience of creating and updating Web Application Firewall rules is strongly desirable.
Work Timings* -6:30 AM - 10:30 PM
Hyderabad, Mumbai