Cyber_MS_MDR Cyber Enablement Tableau Dashboard/Reporting - Assistant Manager

Key Responsibilities:

1. Data Pipeline Establishment:
2. Data Model Development and Maintenance:
3. Deduplication and Correlation:
4. Monitoring and Alerting:
5. Reporting and Presentation:
6. Automated Data Management:
7. Continuous Health Monitoring:
8. Dashboard Operation and Maintenance:
9. Metrics Analysis and Reporting:
10. Commentary and Contextualization:
11. Continuous Improvement and Adaptation:
12. Documentation and Governance:
13. Problem-Solving and Communication:

Qualifications:

• 8+ years of relevant experience in data engineering, cybersecurity monitoring, and system integration processes.
• Proficiency in working with Databricks or similar data store systems.
• Knowledge of OSCF models and frameworks.
• Programming and scripting skills for data transformation and pipeline development/database query languages
• Familiarity with cybersecurity tools like ServiceNow, Qualys, Splunk, EDR/XDR, and CPSM/Wiz.io.
• Experience in developing monitoring and alerting mechanisms.
• Proven ability to design effective reporting formats and dashboards.
• Strong analytical skills for data correlation and deduplication tasks.
• Excellent communication skills for conveying insights and collaborating with teams.

Preferred Qualifications:

• Certifications in data engineering, cybersecurity, and relevant fields.
• Experience with machine learning models for anomaly detection.
• Familiarity with data governance and compliance in cybersecurity contexts.
• Experience using metrics tooling, reporting dashboards, PowerBI, Tableau, Databricks
• Data visualization and dashboard development

Key Responsibilities:

1. Data Pipeline Establishment:
2. Data Model Development and Maintenance:
3. Deduplication and Correlation:
4. Monitoring and Alerting:
5. Reporting and Presentation:
6. Automated Data Management:
7. Continuous Health Monitoring:
8. Dashboard Operation and Maintenance:
9. Metrics Analysis and Reporting:
10. Commentary and Contextualization:
11. Continuous Improvement and Adaptation:
12. Documentation and Governance:
13. Problem-Solving and Communication:

Qualifications:

• 8+ years of relevant experience in data engineering, cybersecurity monitoring, and system integration processes.
• Proficiency in working with Databricks or similar data store systems.
• Knowledge of OSCF models and frameworks.
• Programming and scripting skills for data transformation and pipeline development/database query languages
• Familiarity with cybersecurity tools like ServiceNow, Qualys, Splunk, EDR/XDR, and CPSM/Wiz.io.
• Experience in developing monitoring and alerting mechanisms.
• Proven ability to design effective reporting formats and dashboards.
• Strong analytical skills for data correlation and deduplication tasks.
• Excellent communication skills for conveying insights and collaborating with teams.

Preferred Qualifications:

• Certifications in data engineering, cybersecurity, and relevant fields.
• Experience with machine learning models for anomaly detection.
• Familiarity with data governance and compliance in cybersecurity contexts.
• Experience using metrics tooling, reporting dashboards, PowerBI, Tableau, Databricks
• Data visualization and dashboard development
• Function: KGS MDR Team
• Position: Level 3 Assistant Manager
• Location: Bangalore

Roles & Responsibilities

As a Level 3 Security Analyst, you will serve as a subject matter expert within the Security Operations Center (SOC), responsible for managing advanced threats, incident escalations, and forensic investigations. You will lead efforts in root cause analysis, threat intelligence, and incident response, while supporting the development of SOC processes and tools.

Key Responsibilities Include:

• Lead investigations of escalated security incidents from L1 and L2 teams.
• Lead client discussion involving continuous tuning efforts and operational reviews.
• Perform breach analysis and trace activities associated with advanced threats.
• Conduct forensic analysis of network traffic, host-based alerts, and system images.
• Provide specialized OT incident response for threats targeting:
• Investigate and respond to threats exploiting OT-specific protocols: Modbus, DNP3, BACnet, PROFINET, OPC UA, etc.
• Experience on Claroty is an added advantage.
• Monitor and interpret threats using IDS, firewalls, SIEM, and other security tools.
• Collaborate with SIEM Engineers to refine use cases and improve threat detection.
• Handle high and critical severity incidents per SOC playbooks.
• Support threat hunting initiatives and incident response handlers.
• Develop and maintain SOC processes and documentation.
• Coordinate evidence gathering and review incident reports.
• Produce technical after-action reports and contribute to lessons learned.
• ICS/SCADA systems.
• PLCs, HMIs, RTUs, and other industrial assets.

 

Must-Have Skills

• Experience:
• 8+ years in Information Security, System Administration, or Network Engineering.
• 5–6 years in Incident Response & 3–5 years working with SIEM tools (e.g., Microsoft Sentinel, Splunk, LogRhythm, Chronicle).
• Technical Expertise:
• Advanced scripting: PowerShell, Bash, Cisco IOS.sh, Perl, Lua, etc.
• Familiarity with IDS/IPS and Firewalls (Snort, Cisco, Fortigate).
• Packet analysis and capture tools.
• Deep understanding of TCP/IP, OSI Model, and network protocols.
• Malware analysis and reverse engineering techniques.
• Windows and Unix-based systems architecture knowledge.
• LAN/WAN technologies and network security devices.
• Certifications (at least one preferred):
• Security+, CEH, Network+, CISM, CISSP, GIAC (GCIA, GCIH, GREM).

 

Good-To-Have Skills

• Experience with vulnerability/penetration testing tools (e.g., Metasploit, Kali Linux, Nmap).
• Understanding of SIEM solution design and configuration.
• Familiarity with ITSM/ticketing tools.
• Strong analytical, communication, and client-facing skills.
• Ability to work under pressure and meet deadlines in fast-paced environments.
• Flexibility to work nights, weekends, or holidays during incident emergencies.
• Customer-oriented mindset with a proactive approach to problem-solving.

 

Qualifications

• Bachelor’s or Master’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.
• Minimum 5 years of experience in MDR/SOC/Incident Response environments.
• Proven ability to work creatively and analytically in a problem-solving environment.
• Demonstrated ability to support tier-1 to tier-3 SOC environments.