[Immediate Start] Sr Analyst I-cyber Defense

As one of the world s leading asset managers Invesco is dedicated to helping investors worldwide achieve their financial objectives By delivering the combined power of our distinctive investment management capabilities we provide a wide range of investment strategies and vehicles to our clients around the world If you re looking for challenging work smart colleagues and a global employer with a social conscience come explore your potential at Invesco Make a difference every day Duties Lead and coordinate incident response efforts for cloud-based environments AWS Azure GCP Analyze and investigate security alerts logs and events from SIEM EDR and cloud-native tools Develop and maintain incident response playbooks runbooks and escalation procedures Collaborate with CloudOps Cloud Engineering and Application Teams to contain and remediate threats Analyze information security events from multiple sources including SIEM IPS IDS firewalls Endpoint security cloud security email gateway Identity protection etc identify the cause of incidents and respond by applying containment and eradication strategies Design and implement IT security systems Endpoint security Email protection Identity protection Cloud security to protect corporate network from cyber threats Respond and analyze cyber incidents Monitoring IPS IDS alerts Coordinating and distributing advisories on cyber security Incident vulnerabilities and threats to relevant stakeholders Collaborate closely with Threat Intelligence Incident Response Business Security Application Security Technology and other teams as vital Assess vulnerabilities and attacker tactics techniques and procedures TTP and provide defensive action to locate and prevent threats Review and analyze security data within the SIEM and network traffic such as full packet captures and analysis or NetFlow data to detect traffic anomalies identify infected systems and threat actor related activity based on known tactics techniques and procedures Configure rules for real-time alerting in SIEM tool for events analytic rules automation rules hunting queries Playbook Conduct static and dynamic Malware Analysis Configure and deploy security policies Rules and controls within firewalls Configure Palo-Alto Security firewall Policies Rules Build Custom objects Categories for network Configurations based on various enterprise requirements Create and enforce security policies in various Cyber defense tools Endpoint security Email gateway firewalls AD Groups to mitigate risks Create and update interactive Security event Incident Reports and Dashboards for executive leadership Conduct proactive Threat Hunting exercises to identify and mitigate security threats through the review of system logs threat intelligence network activity and known tactics techniques and procedures Lead activities to simulate real-world cyber-attacks and assess effectiveness of defensive measures Configure IDS IPS signatures based on Vendor-provided signatures Vulnerability Database CTI Feeds TCP IP HTTP FTP SSH protocols following industry standards NIST PCI-DSS HIPAA etc regex hex encoding and create Custom IDS IPS based on opensource signatures snort Suricata Work under Team Leader to maintain security devices and show practical experience in managing SIEM environments firewalls content filters NIDS proxy servers HIPS and packet capture devices Perform malware analysis by sandboxing file URL decoding a script and locate IOCs Indicators of Compromise within the file while knowing and understanding the MITRE Kill Chain and other Cybersecurity standards Work on End-End malware remediation process from identifying malware containing systems while assessing the Enterprise risk Malware reverse engineering identifying IOC s updating identified signatures and Hunting IOCs in Enterprise environment Work on endpoint security Incidents while providing recommended actions for completely removing all traces of malware from the infected system including rootkits Trojans viruses and malicious software s restoring system to a known good state ensuring the integrity and security of all data and applications Serve as the primary escalation contact for all security incidents in the absence of L3 Make recommendations build modify and update IPS policies Endpoint AV security controls Network AV security controls and Security Information Event Management SIEM tool rules Mentor and train team members Deliver technical training in areas such as log monitoring security event analysis phishing email investigations and incident handling Requirements Must have a Bachelor s degree in Software or Computer Engineering Mechanical Engineering Information Security or related field Must have obtained at least one of the following certifications CISSP CompTIA Security CHFI AWS Security Specialty AWS Solution Architect Associate Strong knowledge of cloud platforms AWS Azure GCP and their security services Experience with cloud-native logging and monitoring e g CloudTrail GuardDuty Azure Defender Must have 5 years of progressive experience in Information Cyber Security positions performing utilizing the following Information Security Operations Cyber Incident Response Process identification analysis reporting remediation mitigation verification post-analysis and process improvement Network analysis tools scripting languages software vulnerabilities exploits and malware analysis and reverse engineering Reading and understanding system data including security event logs system logs application logs and device logs Strong network security threat hunting and threat intelligence Must have at least 4 years of experience with Enterprise grade technologies including Windows and Linux Operating Systems Databases Endpoint security Web Applications and Applicable monitoring tools including SIEM DLP Internet filtering blocking IDS IPS firewalls Anti-Virus encryption technologies and Vulnerability management Creating custom correlation rules to detect known or suspected malware traffic patterns within security tools Full Time Part Time Full time Worker Type Employee Job Exempt Yes No Yes Workplace Model At Invesco our workplace model supports our culture and meets the needs of our clients while providing flexibility our employees value As a full-time employee compliance with the workplace policy means working with your direct manager to create a schedule where you will work in your designated office at least three days a week with two days working outside an Invesco office Why Invesco In Invesco we act with integrity and do meaningful work to create impact for our stakeholders We believe our culture is stronger when we all feel we belong and we respect each other s identities lives health and well-being We come together to create better solutions for our clients our business and each other by building on different voices and perspectives We nurture and encourage each other to ensure our meaningful growth both personally and professionally We believe in diverse inclusive and supportive workplace where everyone feels equally valued and this starts at the top with our senior leaders having diversity and inclusion goals Our global focus on diversity and inclusion has grown exponentially and we encourage connection and community through our many employee-led Business Resource Groups BRGs What s in it for you As an organization we support personal needs diverse backgrounds and provide internal networks as well as opportunities to get involved in the community and in the world Our benefit policy includes but not limited to Competitive Compensation Flexible Hybrid Work 30 days Annual Leave Public Holidays Life Insurance Retirement Planning Group Personal Accident Insurance Medical Insurance for Employee and Family Annual Health Check-up 26 weeks Maternity Leave Paternal Leave Adoption Leave Near site Childcare Facility Employee Assistance Program Study Support Employee Stock Purchase Plan ESG Commitments and Goals Business Resource Groups Career Development Programs Mentoring Programs Invesco Cares Dress for your Day In Invesco we offer development opportunities that help you thrive as a lifelong learner in a constantly evolving business environment and ensure your constant growth Our AI enabled learning platform delivers curated content based on your role and interest We ensure our manager and leaders also have many opportunities to advance their skills and competencies that becomes pivotal in their continuous pursuit of performance excellence To know more about us About Invesco About our Culture About our D I policy About our CR program Apply for the role Invesco Careers