Associate - Cybersecurity

Maharashtra, India


Required skills -
Engineering knowledge of how to deploy Microsoft Sentinel and its dependent resources (for example, the Log Analytics workspace it runs on).
Should know how to integrate various data sources into the SIEM.
Should be highly proficient in KQL (Kusto Query Language) query development.
Expertise in building detection use cases mapped to the NIST framework and MITRE ATT&CK, so that an attack can be detected at each of its stages.
Expert in creating SOAR workflows (Sentinel playbooks) using Azure Logic Apps.
Good knowledge of User and Entity Behaviour Analytics (UEBA) and machine learning models.
Experience with threat intelligence and threat hunting.
Create and maintain KPI reporting.
Knowledge of multi-cloud and hybrid environments.
Experience building domain-specific proofs of concept (POCs).
Well-versed in different attack vectors and TTPs, and able to simulate non-invasive attacks as needed.
Security incident response and triage.
Should be familiar with IT forensics techniques.
Conduct threat hunting scenarios based on behaviour analysis, cyber threat intelligence, and a hypothesis-driven approach.
Perform regular hunts after analysing the TTPs adopted by prominent threat actor groups.
Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure.
Deep understanding of network protocols, operating systems, Active Directory security, DNS security, and adversary tactics.
Must be proficient in writing detailed threat reports.
Active investigation / cause analysis (who, what, when, where, how): initiate and follow through to ensure quality forensic materials are captured.
Participate in root cause analysis if required.
Must have knowledge of and prior experience with workbook and dashboard creation.
Participate in daily, weekly, quarterly, and yearly production reporting for clients, partners, and internal teams.
Hands-on experience with EDR solutions (Microsoft Defender ATP, now Microsoft Defender for Endpoint, preferred) and CASB solutions.
Should be familiar with the workings of infrastructure technologies such as Active Directory, DNS, web technologies, TLS, firewalls, etc.
Knowledge of Azure cloud technologies and Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security).
Create, maintain, and assign custom security policies as needed.
Assist in CSPM (Cloud Security Posture Management) tool testing and scoring.
Create a strategy to manage PCI/PII compliance controls through Azure Automation.
Scripting knowledge (PowerShell, Bash, Python) is an added advantage.
Good oral and written communication skills are a must.


Good to have exposure -
Azure: Microsoft Defender for Cloud, Microsoft Defender for Cloud Apps (formerly Cloud App Security), Defender for Identity, Defender for Office 365 and Defender for Endpoint
Google Cloud: Security Command Center, Cloud Key Management Service, Confidential Computing
AWS: Security Hub, AWS Shield, GuardDuty, Macie
Azure and AWS certifications preferred but not mandatory.
Knowledge of best practices and market trends pertaining to cloud and the overall industry to provide.
Ability to understand and document technical requirements from clients and internal teams.
Set up processes, services, and tools around cloud.
Experience working effectively within a team.
Excellent skills-transfer (knowledge-sharing) capabilities.
