Analyst Incident Response
Job Summary
Dover is a diversified global manufacturer with annual revenue of over $8 billion. We deliver innovative equipment and components, specialty systems, consumable supplies, software and digital solutions, and support services through five operating segments: Engineered Products, Clean Energy & Fueling, Imaging & Identification, Pumps & Process Solutions, and Climate & Sustainable Technologies. Dover combines global scale with operational agility to lead the markets we serve. Recognized for our entrepreneurial approach for over 60 years, our team of approximately 24,000 employees takes an ownership mindset, collaborating with customers to redefine what's possible. Headquartered in Downers Grove, Illinois, Dover trades on the New York Stock Exchange under DOV. Additional information is available at.
Designation: Analyst - Incident Response
Experience: 3-8 Years
Education: B.E.
Location: Bangalore
Roles & Responsibilities:
- Monitor and triage security alerts from SOC tools and escalate incidents as required.
- Perform end-to-end incident investigation and response, including detection, containment, eradication and recovery.
- Conduct timeline analysis using EDR tools (CrowdStrike) to identify attack vectors and impacted systems.
- Analyze logs and create queries in Splunk (SIEM) for threat detection and correlation.
- Perform email header analysis for phishing, spoofing and other email-based threats.
- Investigate incidents involving:
  - Data exfiltration / data loss
  - Financial fraud (customer/vendor/banking interactions)
  - Zero-day threats
  - Copyright infringement
- Assess incident impact, severity and business risk.
- Document incidents with clear evidence, findings and recommendations.
- Collaborate with IT, Cloud and Network teams for remediation and recovery.
- Contribute to improving IR playbooks and SOC processes.
- Maintain accurate and timely incident documentation within incident management systems.
Must have skills:
- EDR: CrowdStrike (event timeline analysis, Real Time Response (RTR) experience)
- SIEM: Splunk (log analysis, query writing)
- Cloud Security: AWS, Azure and O365 log analysis
- Email Security: Email header and phishing analysis
- Networking: DNS, DHCP, OSI model, TCP/IP
- Security Tools: Firewalls, IDS/IPS, WAF, Proxy
- Frameworks: Cyber Kill Chain / MITRE ATT&CK
Preferred Certifications:
- Certifications: CEH, GCIH, GCIA, Security+, CCNA
- Exposure to threat intelligence platforms
Required Experience
- Total Experience: 5 Years
- SOC Monitoring: 1-3 Years
- Incident Response: 2 Years
We consider several job-related, non-discriminatory factors when determining the pay rate for a position, including but not limited to the position's responsibilities, a candidate's work experience, a candidate's education/training, the position's location and the key skills needed for the position. Pay is one of the Total Rewards that we provide to compensate and recognize employees for their qualified applicants will receive consideration for employment without discrimination on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, genetic information or any other factors prohibited by law.
Required Experience:
IC