Cyber Defence

About:

Godrej & Boyce is a leading and renowned manufacturing company in India. Cybersecurity is a critical and foundational element of Digital function. Organization has identified Cyber risk as one of the critical organization wide risk which needs to be addressed as a priority. Cyber Security team at Godrej & Boyce is continuously working towards improving overall Cybersecurity posture of Godrej & Boyce.

Roles and Responsibilities

• Develop and sustain incident response strategy covering the complete organization from policy, procedure, and playbooks perspective.
• Be a point of contact in case of an incident and managing incident from detection to closure, post -incident analysis and further communication to all relevant stakeholders to prevent any further damage.
• Planning and executing threat hunting will be the primary focus of this role along with in-depth investigation and support to incidents escalated from SOC.
• Leading the technical and incident responders into cybersecurity and taking responsibility for the timely identification of threats and minimising the same.
• Ensuring the completion of post-incident reviews, assessing the effectiveness of controls, detection and response capability, and supporting the required improvement in people, process and technology.
• Experience in conducting cyber incident drills.
• Collaborated with internal and external stakeholders (as applicable) for incident response and investigation
• Deep understanding of the technologies such as Next gen AV, EDR, Vulnerability Management, HIPS, NIDS, Web proxy, DNS, DHCP, AD, Databases, Full packet capture, host based & network-based forensics and encryption.
• Technical know-how on the organization's network, application, Data, systems and infrastructure.
• Be the Subject Matter Expert (SME) on incident response processes, tools and approaches to the wider team and other stakeholders.
• Must be able to conduct a detailed analysis of various security related events like Phishing, Malware, DoS/ DDoS, Application specific attacks, Ransomware etc.
• Creation of reports, dashboards, metrics related to the security incidents and presentation to Senior Management.
• Experience working in large scale complex environment
• Think about cyberattacks and propose remedial steps based on the attack pattern.
• Broad level of knowledge of security technologies.
• Excellent knowledge of methodologies, processes and tools associated with supporting this function effectively.

The current rise in the cybercrimes is multi fold and more complex, it necessitates to have a robust cyber defence mechanism in place. Cyber defence & investigation manager will cover the incident response planning to lessons learnt documentation and security investigations. The responsibilities of this role will be to develop incident response playbooks, respond to the security incidents effectively, initiate containment steps in collaboration with internal and external stakeholders (as applicable and appropriate), collect digital evidence related to the incident, detailed analysis, and training. Individual must have exposure to the cyber incident response and security investigations process to be able to understand the attack and respond appropriately.

Requisite Experience

• Graduate in any discipline (Preferably in IT / Computer Science)
• Relevant industry certification such as SANS GIAC / GCIA / GCIH / CISSP / OSCP, CEH, and or SIEM specific training and certification will be an added advantage.

Requisite Experience

• Overall 8 -10 years in Cybersecurity domains, relevant experience in incident response and investigations 5-6 Years.
• Must have 2-3 years of SOC experience.
• Knowledge of the SOC infrastructure and logging mechanisms of various technologies used in an organization.
• Good knowledge and understanding of the SIEM technologies.
• Very good understanding of the cycle of cyber threats, attacks, attack vectors and various methods of exploitations.

Special Skills Required

• An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understandable and actionable manner.
• Excellent interpersonal skills, comfortable working at all levels within an organization and in a wide variety of situations.
• Strong security mindset and a fast leaner.
• Good communication and analytical skills
• Questions status quo and navigates through roadblocks
• Security project management and planning.
• Defining problems, collecting and analysing data, establishing facts and drawing valid conclusions.
• Using judgment and ingenuity in maintaining objectives and technical standards.
• Self-motivating and able to work under own initiative.
• Professional with a strong work ethics.
• Able to thrive in a highly pressurized and changing environment.
• Ability to work outside of working hours.
• Thinks out of the box
• Identify and assists in maturing capability gaps
• Diplomatic with the ability to interact successfully with all levels of the business.
• An ability to translate security requirements and standards into easily understood business concepts and vice versa.
• Good understanding of the offensive and defensive side of security.