Gautam Buddha Nagar, Uttar Pradesh
Job Summary
Function: Cyber Security – ICC
Location: Noida & Bangalore
Experience: 5–8+ years in Cybersecurity Operations / Incident Response
Key Responsibilities:
Lead and manage high-severity cybersecurity incidents (P1, P2, P3) across enterprise environments
Act as the single point of contact (SPOC) for end-to-end incident management
Coordinate with SOC, Incident Response, Infrastructure, and Business teams for unified execution
Ensure effective collaboration and eliminate duplicate efforts across teams
Initiate and manage incident bridge calls (war-room / ICC calls)
Drive clear communication, action tracking, and stakeholder updates throughout the incident lifecycle
Provide regular status reporting to leadership and key stakeholders
Drive complete incident response lifecycle:
Detection & alert validation
Investigation & analysis
Containment & isolation
Eradication & remediation
Recovery & service restoration
Ensure adherence to defined SLA timelines, severity classification, and escalation matrix
Proactively escalate critical issues to senior leadership and relevant stakeholders
Prepare and deliver incident reports, Root Cause Analysis (RCA), and executive summaries
Maintain accurate, detailed documentation for audit, compliance, and regulatory requirements
Monitor and oversee security tools such as SIEM, EDR, and SOAR platforms
Validate alerts, IOCs, and threat intelligence inputs to support incident response
Guide teams in forensic analysis, investigation, and threat mitigation activities
Conduct post-incident reviews and lessons learned sessions
Identify gaps and drive improvements in detection capabilities, response processes, and playbooks
Continuously enhance overall incident response maturity and effectiveness
Willing to work in 24×7 rotational shifts / on-call environment
Ready to work from base office locations
Able to handle high-pressure, time-critical incident scenarios
Required Skills:
Strong incident management and crisis leadership
SIEM tools (Splunk, QRadar, Sentinel)
EDR/XDR tools (CrowdStrike, Defender)
Log analysis and incident investigation
Knowledge of MITRE ATT&CK and threat intelligence
Strong analytical and problem-solving skills
Effective communication and teamwork
Excellent communication and stakeholder management skills
Qualifications
Bachelor’s degree in Cybersecurity / IT / Computer Science
Certifications preferred: CEH, Security+, CySA+, CISSP (optional)
Key Responsibilities
Key Responsibilities:
Lead and manage high-severity cybersecurity incidents (P1, P2, P3) across enterprise environments
Act as the single point of contact (SPOC) for end-to-end incident management
Coordinate with SOC, Incident Response, Infrastructure, and Business teams for unified execution
Ensure effective collaboration and eliminate duplicate efforts across teams
Initiate and manage incident bridge calls (war-room / ICC calls)
Drive clear communication, action tracking, and stakeholder updates throughout the incident lifecycle
Provide regular status reporting to leadership and key stakeholders
Drive complete incident response lifecycle:
Detection & alert validation
Investigation & analysis
Containment & isolation
Eradication & remediation
Recovery & service restoration
Ensure adherence to defined SLA timelines, severity classification, and escalation matrix
Proactively escalate critical issues to senior leadership and relevant stakeholders
Prepare and deliver incident reports, Root Cause Analysis (RCA), and executive summaries
Maintain accurate, detailed documentation for audit, compliance, and regulatory requirements
Monitor and oversee security tools such as SIEM, EDR, and SOAR platforms
Validate alerts, IOCs, and threat intelligence inputs to support incident response
Guide teams in forensic analysis, investigation, and threat mitigation activities
Conduct post-incident reviews and lessons learned sessions
Identify gaps and drive improvements in detection capabilities, response processes, and playbooks
Continuously enhance overall incident response maturity and effectiveness
Willing to work in 24×7 rotational shifts / on-call environment
Ready to work from base office locations
Able to handle high-pressure, time-critical incident scenarios
Required Skills:
Strong incident management and crisis leadership
SIEM tools (Splunk, QRadar, Sentinel)
EDR/XDR tools (CrowdStrike, Defender)
Log analysis and incident investigation
Knowledge of MITRE ATT&CK and threat intelligence
Strong analytical and problem-solving skills
Effective communication and teamwork
Excellent communication and stakeholder management skills
Qualifications
Bachelor’s degree in Cybersecurity / IT / Computer Science
Certifications preferred: CEH, Security+, CySA+, CISSP (optional)
#body.unify div.unify-button-container .unify-apply-now: focus, #body.unify div.unify-button-container .unify-apply-#body.unify div.unify-button-container .unify-apply-now: focus, #body.unify div.unify-button-container .unify-apply-