Information Security Architect I

**Position**:
Information Security Architect I

**What you'll be doing**
- Incident response lead on investigations and applied in the context of a broader understanding of CSIRT and related systems and processes.
- Utilize IT skills and experience to define potential solutions to forensics, especially related to network visibility and cloud infrastructures.
- Develop and lead RED TEAM practice, including engagements and penetration tests; with the objective to identify and safely exploit vulnerabilities.
- Encouraging improvement and innovation within Incident response and nurturing and developing less-experienced staff through coaching and written and verbal feedback.
- Utilize IT skills and experience to define potential solutions to forensics, especially related to network visibility and cloud infrastructures.
- Prepare and review reports that promote constant security enhancements.
- Perform threat hunting to find advanced cyber adversaries by utilizing threat intelligence and attacker TTPs/IOCs.
- Contribute to threat intelligence tracking, modeling, and systems.
- Transitioning, maintaining, or using Security Technologies such as Security Incident and Event Management (SIEM), Endpoint protection, EDR, NDR, Data Loss Prevention, and Forensic tools.
- Work with Security Operations L1-L3 on detection and response playbooks.
- This person should have the skills to conduct the analysis when needed but will primarily be focused on solving new problems and implementing research techniques.

**What We Are Looking For**
- BA/BS degree preferred
- Minimum 4 years of Information Security experience
- Minimum 3 years of Incident Response experience
- Red team or penetration testing experience preferred
- Forensic examination experience, including top tools (SIFT, Volatility, Magnet AXIOM, Autopsy, F-Response, and others)
- Solid background in network and systems administration as they relate to security best-practices, including cloud infrastructure
- Familiarity with troubleshooting network communication and system configuration issues
- Comprehension of top security threats (OWASP Top 10, SANS 25, NVD, etc.) and their remediation techniques
- Familiarity with tools such as nmap, wireshark, psexec, nessus or similar solutions
- Operational experience with the following preferred: Firewalls, Vulnerability scanners, Intrusion Detection/Prevention systems, End Point Protection Systems, SIEM Log Management Systems
- Working knowledge of the Electronic Discovery Reference Model (EDRM)
- Ability to meet deadlines and Service Level Agreements (SLA's) while performing activities in a time critical, highly confidential process
- High level of discretion in dealing with sensitive and confidential information
- Strong analytical and verbal skills

**Good to have**
- Working knowledge of software development and or scripting languages such as Python, Ruby, C# and/or PowerShell
- Experience with Cybersecurity SOAR platforms specifically with Demisto
- Experience working with advanced eDiscovery tools such as Security&Compliance Center for Office 365
- Working knowledge of regular expressions (regex)
- Comfortable working with command-line interfaces and with cloud environments such as AWS and Azure
- Working knowledge of Boolean expressions
- Working knowledge of the Microsoft Keyword Query Language Structure

**What's In It For You**
- Training and professional development
- Performance coaching
- Work with fun team in a supportive environment
- Work at a strong and growing company
- Community involvement opportunities

**About Arrow**

Our strategic direction of guiding innovation forward is expressed as Five Years Out, a way of thinking about the tangible future to bridge the gap between what's possible and the practical technologies to make it happen.

**Location**:
IN-KA-Bangalore, India (Midford Crescent) GESC

**Time Type**:
Full time

**Job Category**:
Information Technology