Overview
Cyber Security – Orchestration Jobs in Mumbai, Maharashtra, India at LTIMindtree
Title: Cyber Security – Orchestration
Company: LTIMindtree
Location: Mumbai, Maharashtra, India
Type: Full Time
Category: IT/Tech (Cybersecurity, Information Security, Data Security), Security (Cybersecurity, Information Security, Data Security)
Skills: Security Orchestration, Automation and Response; Security Incident Response
Experience: 12 – 16 Years
Location: Mumbai (Powai)
Shift: Rotational
Mode: 5 Days WFO

Roles

Primary deliverables:
- Integration of our full suite of world-class security tools (Vectra, Proofpoint, Abnormal Security, AWS WAF, Cloudflare, Palo Alto Firewall) into the CrowdStrike Next-Generation SIEM.
- Lead the deployment and management of Security Orchestration, Automation and Response (SOAR) capabilities to advance and automate our SOC playbooks, improving our Mean Time To Contain (MTTC), a critical cyber security metric for measuring security incident response effectiveness.
- Deploy effective Identity and Access Management policies and automated CrowdStrike Foundry and Fusion SOAR workflows.
- This role will manage SOC Cyber Defense escalations for security tooling capabilities deployed across all business units.
- This role will perform technical analysis and management of operational risk.
- This role is the escalation point to provide technical leadership and effective management of security incidents across the following security capabilities.

Security capability: Outcome
Endpoint Protection: Detective, Proactive and Reactive response to malicious behaviour on workstations
Server Protection: Detective, Proactive and Reactive response to malicious behaviour on servers
Cloud Protection: Detective and Reactive response for risky misconfiguration in Cloud Data centres
Identity Protection: Detective alerts for malicious behaviour across user accounts in Azure AD and Active Directory
Email Protection (2nd Layer): Detective, Proactive and Reactive response to malicious emails and malicious behaviour across user accounts
Logging and Audit Platform: Detective alerts for application and system logs in Cloud Data centres and On-Premises Data centres
External Security Posture Management: Detective and Proactive response for risky misconfiguration in Cloud Data centres
Internal Vulnerability Management: Detective alerts for weaknesses on workstations and servers
Security Framework Control Platform: Reporting of control implementation, control maturity and framework alignment
External Vulnerability Management: Detective alerts for weaknesses on websites and APIs from internet-based attacks
Network Protection: Detective and Reactive response to malicious behaviour on the network in Cloud Data centres and On-Premises Data centres
Data Loss Prevention: Detective alerts for data across workstations, servers, email and internet channels
DDoS Protection: Detective and Proactive response to protect AWS-hosted and Data centre hosted websites and APIs from internet-based attacks
Email Security (DMARC): Detective and Proactive response for inbound email impersonation attacks
Attack Surface Management: Detective alerts to identify and validate security weaknesses on external posture
Email Protection (1st Layer): Detective, Proactive and Reactive response to malicious emails
Email Protection (Internal to Internal): Detective, Proactive and Reactive response to malicious emails
Security Awareness: Phishing simulations with metrics for click rates and content for compliance training
Web Application Protection: Detective and Proactive response to protect non-AWS hosted websites and APIs from internet-based attacks
Data Loss Prevention: Preventative and Reactive actions for data across workstations, servers, email and internet channels
Security Compliance Management: Automation for control evidence contributing to ISO 27001, SOC 2 and PCI DSS