Associate - Cyber Splunk Operation

Cyber Security Operations Associate - IN

The Cyber Security Operations Associate investigates and analyzes all response activities related to cyber incidents within the network environment.

Key Responsibilities and Duties
- Under general supervision, this job monitors the operation of systems and networks, along with user activity, to prevent and reduce cyber security incidents.

Educational Requirements
- University (Degree) Preferred

Work Experience
- 2+ Years Required; 3+ Years Preferred

Career Level

6IC

Understanding security log sources, Creating content for the security information and event management system (SIEM). Support log onboarding of critical security log sources. Support security orchestration, automation and response. Help support and lead building security solutions related to the Security Operations team.

**Responsibilities**:

- Review new security log data sources. Size, understand and create log parsing.
- Develop new SIEM content (Splunk ES) including correlations, dashboards, reports, and alerts that appropriately characterize the importance of events of interest found in the TIAA operational environment
- Document and develop tools to assist Security Operations personnel in log collection and review
- Develop metrics and trends that demonstrate the log platform's health and operational state
- Provide business requirements to peer teams within TIAA that relate to the governance, development, and sustainability of logging related to security-relevant events
- Support for security operations for potential crisis situations, with 24x7 availability as needed
- Participate in information security audits, ensuring the technical compliance with related (e.g. PCI, SOX, etc) regulatory requirements
- Ensure breadth and depth of coverage within the SIEM environment for all security solutions deployed at TIAA; ensure that technologies are properly being leveraged to provide detective capabilities of security events
- Maintain operational effectiveness of SIEM content rules, accepting requests from Security Operations and elsewhere in the business (within the governance framework) to tune and implement rules to meet emerging threats
- Collaborate with others inside of IT Risk and Information Security, as well as elsewhere in the business, to ensure excellence
- Define, document, and implement appropriate delivery, parsing, reporting, and retention of security-relevant log information

___________________________________________________

Company Overview

TIAA GBS India was established in 2016 with a mission to tap into a vast pool of talent, reduce risk by insourcing key platforms and processes, as well as contribute to innovation with a focus on enhancing our technology stack. TIAA GBS India is focused on building a scalable and sustainable organization, with a focus on technology, operations and expanding into the shared services business space.

Working closely with our U.S. colleagues and other partners, our goal is to reduce risk, improve the efficiency of our technology and processes and develop innovative ideas to increase throughput and productivity.

We are an Equal Opportunity/Affirmative Action Employer. We consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other protected status.

Accessibility Support

Phone: (800) 842-2755

Privacy Notices

For Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click

here


For Applicants of TIAA, Nuveen and Affiliates residing in California, please click

here


For Applicants of Nuveen residing in Europe and APAC, please click

here


For Applicants of Greenwood residing in Brazil (English), click

here


For Applicants of Greenwood residing in Brazil (Portuguese), click

here


For Applicants of Westchester residing in Brazil (English), click

here


For Applicants of Westchester residing in Brazil (Portuguese), click

here

.