Job Summary

Function: Cyber Security – ICC

Location: Noida & Bangalore

Experience: 5–8+ years in Cybersecurity Operations / Incident Response

Key Responsibilities:

• Lead and manage high-severity cybersecurity incidents (P1, P2, P3) across enterprise environments

• Act as the single point of contact (SPOC) for end-to-end incident management
• Coordinate with SOC, Incident Response, Infrastructure, and Business teams for unified execution
• Ensure effective collaboration and eliminate duplicate efforts across teams

• Initiate and manage incident bridge calls (war-room / ICC calls)
• Drive clear communication, action tracking, and stakeholder updates throughout the incident lifecycle
• Provide regular status reporting to leadership and key stakeholders

• Drive complete incident response lifecycle:
• Detection & alert validation
• Investigation & analysis
• Containment & isolation
• Eradication & remediation
• Recovery & service restoration

• Ensure adherence to defined SLA timelines, severity classification, and escalation matrix

• Proactively escalate critical issues to senior leadership and relevant stakeholders
• Prepare and deliver incident reports, Root Cause Analysis (RCA), and executive summaries

• Maintain accurate, detailed documentation for audit, compliance, and regulatory requirements
• Monitor and oversee security tools such as SIEM, EDR, and SOAR platforms

• Validate alerts, IOCs, and threat intelligence inputs to support incident response
• Guide teams in forensic analysis, investigation, and threat mitigation activities
• Conduct post-incident reviews and lessons learned sessions

• Identify gaps and drive improvements in detection capabilities, response processes, and playbooks
• Continuously enhance overall incident response maturity and effectiveness

• Willing to work in 24×7 rotational shifts / on-call environment
• Ready to work from base office locations
• Able to handle high-pressure, time-critical incident scenarios

Required Skills:

Strong incident management and crisis leadership

SIEM tools (Splunk, QRadar, Sentinel)

EDR/XDR tools (CrowdStrike, Defender)

Log analysis and incident investigation

Knowledge of MITRE ATT&CK and threat intelligence

Strong analytical and problem-solving skills

Effective communication and teamwork

Excellent communication and stakeholder management skills

Qualifications

Bachelor’s degree in Cybersecurity / IT / Computer Science

Certifications preferred: CEH, Security+, CySA+, CISSP (optional)

Key Responsibilities

Key Responsibilities:

• Lead and manage high-severity cybersecurity incidents (P1, P2, P3) across enterprise environments

• Act as the single point of contact (SPOC) for end-to-end incident management
• Coordinate with SOC, Incident Response, Infrastructure, and Business teams for unified execution
• Ensure effective collaboration and eliminate duplicate efforts across teams

• Initiate and manage incident bridge calls (war-room / ICC calls)
• Drive clear communication, action tracking, and stakeholder updates throughout the incident lifecycle
• Provide regular status reporting to leadership and key stakeholders

• Drive complete incident response lifecycle:
• Detection & alert validation
• Investigation & analysis
• Containment & isolation
• Eradication & remediation
• Recovery & service restoration

• Ensure adherence to defined SLA timelines, severity classification, and escalation matrix

• Proactively escalate critical issues to senior leadership and relevant stakeholders
• Prepare and deliver incident reports, Root Cause Analysis (RCA), and executive summaries

• Maintain accurate, detailed documentation for audit, compliance, and regulatory requirements
• Monitor and oversee security tools such as SIEM, EDR, and SOAR platforms

• Validate alerts, IOCs, and threat intelligence inputs to support incident response
• Guide teams in forensic analysis, investigation, and threat mitigation activities
• Conduct post-incident reviews and lessons learned sessions

• Identify gaps and drive improvements in detection capabilities, response processes, and playbooks
• Continuously enhance overall incident response maturity and effectiveness

• Willing to work in 24×7 rotational shifts / on-call environment
• Ready to work from base office locations
• Able to handle high-pressure, time-critical incident scenarios

Required Skills:

Strong incident management and crisis leadership

SIEM tools (Splunk, QRadar, Sentinel)

EDR/XDR tools (CrowdStrike, Defender)

Log analysis and incident investigation

Knowledge of MITRE ATT&CK and threat intelligence

Strong analytical and problem-solving skills

Effective communication and teamwork

Excellent communication and stakeholder management skills

Qualifications

Bachelor’s degree in Cybersecurity / IT / Computer Science

Certifications preferred: CEH, Security+, CySA+, CISSP (optional)

Skill Requirements

Other Requirements