Responsibilities:
Job Summary
As a member of Finastra\xe2\x80\x99s Global Information Security Incident Response team, the Expert Cyber Security Incident Responder will coordinate the response activities for security incidents across the Global company environment. The successful candidate will focus on reviewing, triaging, analyzing, and remediating security incidents. The Incident Handler is the escalation point for Security Operations Center (SOC) analysts, and as such, will handle validated security incidents, in accordance with the Security Incident Response process. The successful candidate will perform functions such as log analysis, conduct in-depth technical analysis of network traffic and endpoint systems, enrich data using multiple sources, and will be responsible for rapid handling and mitigation of security incidents.


The candidate will also participate in a number of Global cyber security initiatives. Successful candidates should be familiar with incident response processes, network investigative techniques, network intrusion patterns, Operating System investigative techniques, malware analysis, security tool automation, and security trends and issues. Expert Cyber Security Incident Responders are considered thought leaders, should be willing to mentor and advise others, and will help drive the operational and strategic growth of the organization.


Responsibilities
Acts as Security Incident Handler for high-impact cyber security incidents and advanced attacks in accordance with Cyber Kill Chain methodology and incident response process.
Understands Incident Response processes and participate in analysis, containment, and eradication/remediation of security incidents.
Conducts malware analysis and identification of Indicators of Compromise (IOCs) to evaluate incident scope and associated impact.
Enhances workflow and processes driving incident response and mitigation efforts.
Understands and executes the full Incident Management Lifecycle to identify and improve preventative security controls and security incident detection capability.
Expertly leverages Digital Forensics techniques, tools, and capabilities to support Incident Response activities.
Performs analysis of logs from various security controls, including, but not limited to, firewall, proxy, host intrusion prevention systems, endpoint security, and application and system logs, to identify possible threats to network security.
Improves prevention, detection and response capabilities with security tool automation.
Provides leadership and guidance to the appropriate teams to improve and enhance Finastra\xe2\x80\x99s cyber defense capabilities.
Writes technical articles for knowledge sharing.


This Position Requires
Extensive cross-group collaboration and coordination,Excellent oral and written communication skills;
Attention to detail and a highly organized, process-focused aptitude.


Required skills :5-9Yrs


5+or more years of relevant work experience.
Experience working Incident Response processes network investigative techniques, network intrusion patterns, malware analysis, and/or security trends.
Experience executing various Incident Response Frameworks and Handling Procedures.
Experience with malware reverse engineering.
Experience in Cyber Intelligence or in related disciplines.
Cybersecurity experience in the financial industry.
Previous experience with Cyber Kill Chain and diamond model methodology.
Understanding of Networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture.
Understanding Operating Systems and their architectures: Windows, Unix/Linux, and OSX Operating Systems.
Leadership and mentoring skills to help advance the overall capabilities of Finastra\xe2\x80\x99s Global Information Security organization.
Strong communication, presentation, and leadership skills along with the ability to work in a highly collaborative environment.
Strong relationship skills and collaborative style to enable success across multiple departments and disciplines.
Manages multiple priorities in a high pressure environment.
Ability to comply with any regulatory requirements.


Education / Certifications
Bachelor\'s degree from an accredited college or university, or equivalent experience. A degree in Computer Science, Computer/Data Systems Management or a related field or discipline is preferred but not required.


Certification in one or more of the following areas is desired but not required:
CERT-Certified Computer Security Incident Handler, GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Network Forensic Analyst (GNFA), GIAC Cyber Threat Intelligence (GCTI), and Certified Information Security Professional (CISSP).


Job Location: Bangalore