3 Mitre Framework Jobs

2+yrs of working experience in the computer forensics, cybercrime investigations, and other related technical fields with a combination of both public and private sector experience preferred. Identify, contain, mitigate, recover, and report on cyber-security incidents affecting the enterprise and business. The ability to constantly develop new and grow existing skills relating to Digital Forensics, as well as computing and professional topics. Knowledge of computer forensic best practices and industry standard methodologies for investigating host-based and network analysis The knowledge, skills, and ability to preserve digital evidence from a variety of platforms in a forensically sound manner. Knowledge of and a proven ability to follow globally established standards in digital evidence acquisition and handling. Demonstrate an understanding of digital forensic tools and techniques used to support internal fraud and employee investigations. Serve as an initial point of escalation for suspected incidents and intrusions. Demonstrated capability with endpoint detection and live response tools. Knowledge of digital forensics on Microsoft Windows, Mac, and Linux based systems. Proficiency with DFIR related open-source tools, memory, and full disk analysis The ability to work independently or with a team during large scale forensic investigations Demonstrate an understanding of incident response forensics and root cause analysis. Experience preparing in-depth investigation reports into forensic investigations, breach reports, privacy incidents and data exposure type cases. The ability to constantly develop new and grow existing skills relating to Digital Forensics, as well as computing and professional topics. Strong attention to detail in conducting forensic analysis combined with an ability to accurately record full documentation in support of the investigation.' Education specifications Any Techniqal Degree / Any UG, PG preferred Mandatory Skills: Cyber forensics, Memory analysis, Memory Forensics, Incident response, Digital Forensics, Strong communication skill (verbal and written), Working knowledge of Forensics tools including (but not limited to) FTK, Encase, Autopsy, Magnet Axiom, volatility, wireshark, Threat intelligence feeds, Cyber threat landscape and APT groups, SIEM (any), EDR (any), MITRE framework, Cyber kill chain framework. Certifications: Desirable certifications include, (but not limited to) CHFI, CIH, CSA, CEH, GSEC, GCIH, GCIA, GCFE, GREM, GCFA.

Mandatory Skills: Cyber forensics, Memory analysis, Memory Forensics, Incident response, Digital Forensics, Strong communication skill (verbal and written), Working knowledge of Forensics tools including (but not limited to) FTK, Encase, Autopsy, Magnet Axiom, volatility, wireshark, Threat intelligence feeds, Cyber threat landscape and APT groups, SIEM (any), EDR (any), MITRE framework, Cyber kill chain framework. Qualifications: 2+yrs of working experience in the computer forensics, cybercrime investigations, and other related technical fields with a combination of both public and private sector experience preferred. Identify, contain, mitigate, recover, and report on cyber-security incidents affecting the enterprise and business. The ability to constantly develop new and grow existing skills relating to Digital Forensics, as well as computing and professional topics. Knowledge of computer forensic best practices and industry standard methodologies for investigating host-based and network analysis The knowledge, skills, and ability to preserve digital evidence from a variety of platforms in a forensically sound manner. Knowledge of and a proven ability to follow globally established standards in digital evidence acquisition and handling. Demonstrate an understanding of digital forensic tools and techniques used to support internal fraud and employee investigations. Serve as an initial point of escalation for suspected incidents and intrusions. Demonstrated capability with endpoint detection and live response tools. Knowledge of digital forensics on Microsoft Windows, Mac, and Linux based systems. Proficiency with DFIR related open-source tools, memory, and full disk analysis The ability to work independently or with a team during large scale forensic investigations Demonstrate an understanding of incident response forensics and root cause analysis. Experience preparing in-depth investigation reports into forensic investigations, breach reports, privacy incidents and data exposure type cases. The ability to constantly develop new and grow existing skills relating to Digital Forensics, as well as computing and professional topics. Strong attention to detail in conducting forensic analysis combined with an ability to accurately record full documentation in support of the investigation. Certifications: Desirable certifications include, (but not limited to) CHFI, CIH, CSA, CEH, GSEC, GCIH, GCIA, GCFE, GREM, GCFA.

Should have strong knowledge in MS Sentinel SIEM engineering and administrative activities. People who are in operational profiles cannot apply for this position. Should have performed SIEM engineering role more than 4+ years. Problem solving & People management skill is required. Should have expertise in building custom analytical rules, tuning of analytical rules, building automation through Azure logic apps, management of entire product feature, end to end configuration. Should have expertise in forming KQL queries and functions for complex detection and monitoring requirements. Should have strong knowledge in MITRE attack framework and expertise in developing analytical rules and custom dashboards/workbooks across framework. Should have expertise in log management, retentions, maintenance of logs at low cost, performing access management, developing new custom dashboard based on different requirements. Should have proven record of implementing Sentinel advanced features, efficient log collection mechanisms, deployment and maintenance of log forwarders, maintenance of local agents. Should have expertise in integrating data sources which are not supported by Sentinel tool OOB. Custom parser development and ability to solve technical issues in Sentinel are must have requirements. Should have ability to prepare and maintain policy and procedure documentations around SIEM technology, document life cycle management skill is required. Should have expertise in consuming contents from content hub and management of log analytics workspace and ability to handle issues in MMA and AMA agents. Should have proven record of participation in customer or client reviews or global certifications regarding security controls in SIEM. Compliance and regulatory requirements understandings are good to have. Preference will be given for candidates completed Sentinel Ninja Level 400 Training and Certification. Good to have strong knowledge in Microsoft Sentinel pricing, Microsoft defender products, Microsoft Cloud services and Azure Arc. Should have ability to work with stakeholders to solve technical issues and also to support and deliver complex business, security and operational requirements. Should have ability to work with vendor technical support group and driving issues towards effective and permanent closure. Having knowledge and hands-on experience in Microsoft Defender XDR stack will be an added advantage.