As a valued member of our Cyber Intelligence Center /Security Operations team, you will advocate a pragmatic approach to proposing and implementing security solutions. You will actively contribute to the continual analysis of our security logs and posture to uphold our organizations security and situational awareness regarding potential threats.
What youll do
- Responsibilities:
- Security Projects: Coordinate and execute security projects aligned with the global security strategy, evaluating the security posture of the company and related data assets. Stay informed on the latest information security technologies, methodologies, and events, providing feedback on the security aspects or impact of non-security-related technology. Liaise with external vendors and service providers to ensure the efficacy of security solutions and services.
- Identity and Access Management Engineer: Manages user access to systems and resources, implementing authentication and authorization controls. Ensures only authorized users have appropriate access.
- Security Architecture: Designs and implements the overall security architecture for an organization, ensuring that all components work together to provide a secure environment.
- Security Automation: Develops and implements automated solutions for security tasks, such as automated threat detection, response, and remediation.
- Risk Assessment : Conduct thorough risk assessments to identify potential security vulnerabilities and assess the overall risk posture of the organization.
- Incident Response : Develop and execute incident response plans to effectively address and mitigate the impact of cybersecurity incidents or breaches.
- Security Audits and Compliance : Conduct regular security audits to ensure compliance with industry regulations and organizational security policies.
- Network Security : Implement and manage network security measures, including intrusion detection and prevention systems, to monitor and protect against unauthorized access.
- Vulnerability Management : Identify and assess vulnerabilities in systems and applications and implement strategies to remediate or mitigate these vulnerabilities.
- Security Awareness Training : Provide security awareness training to employees, educating them about best practices, social engineering threats, and other security-related matters.
- Security Policies and Procedures : Develop and enforce security policies and procedures to guide the organization in maintaining a secure and compliant environment.
- Research and Continuous Learning : Stay informed about the latest cybersecurity threats, vulnerabilities, and technologies through ongoing research and participation in relevant training programs.
What youll bring:
- Technical Requirements:
- Security Monitoring and Analysis: Monitor security alerts and events from various sources, including SIEM (Security Information and Event Management) tools. Conduct in-depth analysis of security incidents to determine the scope, impact, and severity.
- Incident Triage and Investigation: Ability to identify abuse/ Fraud patterns on Cloud Platform Perform initial triage of security incidents, prioritizing and escalating as necessary. Conduct detailed investigations to identify the root cause of security incidents and recommend remediation actions. Collaborate with the team to mitigate and counteract threats.
- Threat Detection and Analysis: Utilize threat intelligence and analyse patterns to detect emerging cybersecurity threats. Collaborate with other SOC analysts and teams to improve detection capabilities. Investigate signs of compromise, utilizing your problem-solving skills and knowledge of cyber-attacks and data analysis (phishing, Ransomware, account compromise, DDOS) Zero-day attack analysis and control, Analyse end user system for attack related incidents and share RCA
- Tool Management: Operate and manage security tools, including sumo logic, defender, Qualys, Sophos, O365, Phislabs, Litmos, Service desk, Jira, confluence, Datadog Recommend improvements to enhance the effectiveness of security tools. Developing, configuring, and deploying monitoring tools and scripts for applications and systems Exposure on Terraform, Git, workflow automation.
- Business Support: Participate in business and technology initiatives, contributing as an information security professional to define security-related processes and procedures. Engage in internal and third-party audits of the company s information security policies, procedures, and operational duties, supporting remediation efforts as necessary. Collaborating with product development, information technology (IT) and architecture teams to evaluate and implement new services based on requirements.
- Documentation and Reporting: Document incident details, investigation, analysis findings, and response actions. Generate and communicate incident reports to relevant stakeholders. Preparing disaster recovery plans / tabletop exercise / PEN Test / weekly monthly metric reports.
- CompTIA Security+, Certified Ethical Hacker (C|EH), CSAor equivalent are highly desirable.
Qualification:
- Bachelor s degree (or equivalent experience) in Computer Science,
- Engineering, or related technical field.
- 5-8 years of direct information security experience in a global IT
- environment, with proficiency in at least 2 of the 10 security domains.
- Experince on public cloud technology (AWS ,Azure, GCP ) & some cloud automations