Security Support Analyst

About Halma:

Halma is a global group of life-saving technology companies, driven by a clear purpose. We are an FTSE 100 company with headquarters in the UK and operations in 23 countries, including regional hubs in India, China, Brazil, and the US.

Our diverse group of nearly 50 global companies specialize in market leading technologies that push the boundaries of science and technology.

For the last 42 years, the combination of our purpose, strategy, people, DNA and sustainable business model has resulted in record long-term growth in revenues and profits and an increase in dividend by ≥ 5% every year– an achievement unrivalled by any company listed on the London Stock Exchange.

Why join us?

We are a Great Place to Work certified organization, with an employee centric culture anchored on autonomy, trust, respect, humility, work-life balance, team spirit, and approachable leadership.

We offer a safe and respectful workplace, where everyone can be who they 'REALLY' are, feel free to bring their whole selves to work and use their unique talents, knowledge, expertise, experiences, and backgrounds to create meaningful outcomes.

We nurture entrepreneurial spirits and empower them to think beyond the possibilities, to discover, shape and build their own unique stories. We promote and support non-linear career growth for the right talent.

We are simple, humble and approachable, and we believe in leadership at all levels to bring our purpose to life. Everyone at Halma India makes an impact, and so do you when you join us

Position Objective

- Perform real-time monitoring on malicious activities and analyze logs looking for attack patterns to ensure infiltration attempts are identified and dealt with in a timely manner.
- He/she will be responsible for managing technical support requests pertaining to Security devices integrated in Halma's infrastructure.
- Provide first-line support for Halma and its subsidiary company infrastructure security.

Roles and Responsibilities

- Perform real-time security monitoring and incident response activities across the networks, leveraging a variety of tools and techniques.
- Create and improve Incident Response Playbook.
- Perform post-incident reviews to improve and tune Halma's incident response capability.
- Provide support to the team members while investigating alerts escalated by MSSP & work closely with Leads.
- Provide support in the area of Azure Active directory, Intune (conditional access/MDM), single sign-on and Multifactor Authentication, Microsoft Defender for Endpoint, Microsoft Defender for Server, Office 365 email security.
- Monitor and respond to security incidents for Halma PLC and Subsidiary companies.
- Interact with end-users and IT Managers of Halma and Subsidiary companies during investigations, to raise awareness and training opportunities.
- Create and Maintain KB articles & SOPs for all the applications related to SOC to ensure security best practices in the team.
- Should be able to work on Incident and Security Reports Independently.

Critical Success factors

- Successfully resolve security incidents, infrastructure support & service requests within SLA.
- Contribute to improving processes, systems and services provided by Halma IT.
- Identification of Security Risks and threats to the Group.
- Cyber security mindset is key and taking appropriate action on any cyber incident is the major aspect of this role.

Experience

- Total experience of 3-5 years.
- Exposure to security technologies including Incident Response, Microsoft Defender, Azure Sentinel.
- Knowledge of network fundamentals TCP/IP, SSL/TLS, DNS, DHCP.
- Hands-on experience with Microsoft technologies like 365 ATP Defender, Endpoint Manager (Intune conditional access/MDM/MAM) and knowledge of KQL.
- Any vendor firewall and Remote Access solutions.

Good to have

Cato Networks (VPN and Firewall), Azure Active Directory, Data leak prevention technologies.

Academic qualification

- Bachelor's in computer science/IT.

- Preferred Certifications: CompTIA Security+, CEH, Microsoft Security certifications like SC-200/SC-300/SC-400.

- Desirable Certifications: Any SIEM certifications, any Network certifications.

Key attributes

- High integrity.
- Diligent.
- Honesty.
- Great communication.
- Great Team Player.

Competencies

- Good documentation skills.
- Good written and spoken English is a must.
- Excellent problem-solving skills.
- Effective communication with business stakeholders.
- Broad range of technical skills, with a focus on Security and Risk.
- Must be willing to mentor other Team members to grow as a team.

---