Security Operations

Responsibilities Detect and respond to cyber security threats to ensure your organization operates securely Partner with the existing internal SOC team across the world and keep the CISO informed about security Incidents Act as a liaison between the SOC team other internal stakeholders and external parties such as vendors clients or regulatory bodies Monitor security systems and networks for potential security breaches or incidents Conduct in-depth investigations into security incidents to determine the root cause and extent of the compromise Develop and implement incident response plans and procedures to contain eradicate and recover from security incidents Coordinate with cross-functional teams including IT legal and senior management to respond to and mitigate security incidents Document incident response activities including findings actions taken and lessons learned for future reference and improvement Provide guidance and mentor junior members of the latest security trends techniques Stay current with emerging cybersecurity threats vulnerabilities and trends to proactively enhance incident response capabilities Define and Drive tabletop exercises and simulated incident scenarios to test and improve incident response readiness Carry Table-top exercise for Customer on various Incident Response Scenarios Collaborate with external partners such as law enforcement and industry peers to share threat intelligence and best practices Develop incident management plans and procedures surveying the networks for signs of a breach and coordinating and executing tabletop exercises to practice develop plans policies and procedures Perform proactive threat hunts to identify threats and assess the state of security controls work with in-house red teams to detect offensive operations and capture and action findings Upgrade security systems by monitoring security environment identifying security gaps evaluating and implementing enhancements Proactive identification of threats and risk remediation Generate metrics for the Management as needed Prepare system security reports by collecting analyzing and summarizing data and trends Define and participate in implementation of On-prem and Cloud architecture and security controls Maintain security by monitoring and ensuring compliance to standards policies and procedures conducting incident response analyses developing and conducting training programs Qualifications 6 - 10 years of proven experience in Security incident response handling Vulnerability Management or Penetration testing a master s degree can be substituted for experience Practical experience with threat detection monitoring and incident response and implementation ability to query and write detection rules and management of security related technologies i e SIEM Qradar Splunk SOAR WAF AV Firewalls Internet-facing services Proven experience in cybersecurity incident response including hands-on experience with incident detection analysis and response Experience conducting technical analysis of security events including Malware analysis incident triage escalation communication and digital forensics Excellent analytical and problem-solving skills with the ability to think critically and make decisions under pressure Effective communication skills both verbal and written can convey technical information to non-technical stakeholders Familiarity with scripting for automation Strong expertise in gathering and condensing threat intelligence into actionable and meaningful communication materials Bachelor s degree in information security or information technology or computer science or related fields Experience in public cloud infrastructure such as Microsoft Azure GCP AWS Familiarity with security frameworks and regulatory requirements such as NIST ISO 27001 2 Proven experience with products dealing with vulnerability management services which include Tenable Qualys Nexpose etc Demonstrated understanding of information security concepts standards practices including but not limited to firewalls intrusion prevention and detection TCP IP and related protocols device monitoring and log management and event monitoring reporting Certifications such as CISM CEH GCIA GCIH CISSP or equivalent People Management experience is a plus Results focused and attention to detail Our Values If you want to know the heart of a company take a look at their values Ours unite us They are what drive our success - and the success of our customers Does your heart beat like ours Find out here All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin disability or protected veteran status