Cyber Security Analyst – IT

Flex is the diversified manufacturing partner of choice that helps market-leading brands design, build and deliver innovative products that improve the world.A career at Flex offers the opportunity to make a difference and invest in your growth in a respectful, inclusive, and collaborative environment. If you are excited about a role but don't meet every bullet point, we encourage you to apply and join us to create the extraordinary.

Job Description

To support our extraordinary teams who build great products and contribute to our growth, we're looking to add a Cyber Security Analyst – IT located in Chennai / Remote location.

The role is required to act as the regional cyber incident response manager leading cyber incident response teams formed during an identified cyber incident. The cyber incident response manager will handle large scale incidents, events or investigations requiring cross-team coordination and communication.

Reporting to the Director, and the role involves:

What a typical day looks like:

• Coordinate the response to cyber security incidents; following standard incident response phases: prepare, identify, contain, eradicate, recover, lessons learned.
• Perform cyber incident response triage and handling by determining scope, urgency and potential impact to Flex; thereafter identifying the specific vulnerability and recommending actions for expeditious containment, eradication, remediation/recovery.
• Investigate escalated incidents using all available information from Flex information technology systems and security systems such as OS logs, application logs, firewall, IPS, sand boxing, host security, network devices, vulnerability management, compliance management, DLP and network forensics.
• Establish oversight of information security incidents and communicate analysis, containment, and remediation efforts to all involved business partners, escalating incidents to management in a timely manner with appropriate information regarding risk, action times, and root cause analysis.
• Determine the root cause of incidents and work with business or technology groups to remediate any identified control gaps or failures.
• Preserve, harvest, process, and analyze electronically stored information (ESI) from various electronic data sources such as laptops, desktops, servers, and small form factor mobile devices according to policies, procedures, and best practices.
• Continually develop information security policies and procedures documentation related to cyber incident response. Create and maintain policies, procedures, guidelines, and lead projects that ensure continued compliance with all applicable corporate policies, procedures, state and federal laws and regulations.
• Maintain a high level of professionalism in all areas of performance.
• Maintain proficiency with industry standard cyber incident response tools and practices, evaluation of the same.
• Develop and broaden cyber incident response skill set through training, industry collaboration, and research.
• Attend and present in-house training and awareness of Global Information Security policies and procedures

The experience we're looking to add to our team:

• Bachelor's degree or master's degree or related fields.
• 8+ years of experience in Information Technology or related field.
• 5+ years of relevant information security, audit, risk, privacy, compliance or other relevant experience in manufacturing, supply chain management, technology or combination of education and relevant experience.
• Experience with digital forensics processes and core principles such as evidence identification, seizure, chain of custody, network acquisition and triage.
• Experience with NIST Cybersecurity framework, Lockheed Martin Cyber Kill Chain , ISO27035, and/or recognized Cyber Security Incident Response Team (CSIRT) models.
• Shift (11am – 8pm / 2pm – 11pm) / Flexible.

Here are a few of our preferred experiences:

• Mastery of incident response methodologies, best practices and routines.
• Mastery at directing and coordinating technical response teams to develop quick containment solutions to cyber security incidents.
• Expert at identifying various types of events and incidents and applying the right response framework for each (i.e. information mishandling, security vulnerability, system exploit, malware infection, etc.)
• Advanced technical and overall understanding of computer systems, operating systems, enterprise networks and associated hardware and software.
• Understanding of the concepts surrounding digital evidence, and its impact on cyber incident response, investigations and legal activity applicable to their regions.
• Understanding of digital acquisition concepts, including but not limited to, creating a forensically sound copy of data and evidence from seized media, and verification of the evidence to demonstrate validity/integrity. Ability to use digital forensic devices, and evidence acquisition hardware/software.
• Highly effective written, oral and interpersonal communication skills to address a wide variety of sophisticated audiences with the ability to produce high quality oral and written work products presenting complex technical matters clearly and concisely.
• Demonstrate professionalism, discretion and judgment through sound decision making to obtain solutions via collaborative efforts with a wide variety of departments and personnel throughout the company.
• Ability to travel internationally (approximately 40%).
• Good to have certifications:
• Certified Information Systems Security Professional (CISSP);
• EnCase Certified Examiner (EnCE);
• Certified Fraud Examiner (CFE);
• Certified Ethical Hacker (CEH);
• Global Certified Incident Handler (GCIH);
• Microsoft Certified Systems Engineer (MSCE);
• Certified Secure Software Lifecycle Professional (CSSLP)

what you will get for the great work you provide:

• Health Insurance
• PTO

NK99

Job Category

ITFlex pays for all costs associated with the application, interview or offer process, a candidate will not be asked for any payment related to these costs.

Flex does not accept unsolicited resumes from headhunters, recruitment agencies or fee based recruitment services. Flex is an Equal Opportunity Employer and employment selection decisions are based on merit, qualifications, and abilities. Flex does not discriminate in employment opportunities or practices based on: age, race, religion, color, sex, national origin, marital status, sexual orientation, gender identity, veteran status, disability, pregnancy status or any other status protected by law. Flex provides reasonable accommodation so that qualified applicants with a disability may participate in the selection process. Please advise us of any accommodations you request to express interest in a position by e-mailing:

. Please state your request for assistance in your message. Only reasonable accommodation requests related to applying for a specific position within Flex will be reviewed at the e-mail address. Flex will contact you if it is determined that your background is a match to the required skills required for this position. Thank you for considering a career with Flex.