Job
Description
Description Generic JD Job Responsibilities Lead cyber security initiatives and projects for the organization Work with security partners or MSP to ensure all the security due diligence is done as per best practices Design and update correlation rules based on security control situation and cyber threat circumstances, as well as create and maintain correlation guidelines and review process Determine security requirements by evaluating business policies and requirements; research information security solutions; perform system security and vulnerability scans and risk assessments; study the architecture/platform Define security strategies by specifying intrusion detection methodologies and equipment; lead the installation and calibration of equipment and software; prepare preventive and reactive measures; complete documentation Lead technology architecture practices related to Cloud infrastructure Improve the achievements and skills of the security team by planning the delivery of solutions; answer technical and procedural questions for less experienced team members; teaching improved processes; mentor team members Perform threat hunting and incident investigation over logs from SIEM Run vulnerability scans, pen. tests for IT and OT networks and remediate security gaps Respond to security incidents and analyze alerts, thresholds, logs, and threat cases Manage O365 platform and device security and improvements Monitor cloud platforms security and fine tune security dashboards and alerts Hardening of network firewall, switches, desktops and servers Conduct regular user trainings on cyber education and security policies Support technical forensic investigations Submit daily, weekly, monthly security reports to IT leadership based on risk ratings Research and evaluate new cybersecurity threats, IT trends and security controls Multitasking in high stress situations while ensuring that no details are missed Exercising good judgement when dealing with issues and ensuring a sense of urgency in their resolution while remaining calm and focused Experience with physical security standards would be plus Taking the initiative and working proactively with minimal supervision is a must Qualifications Bachelors degree or college diploma in Computer Engineering, Computer Science, or a related field, or equivalent training and experience and proven 5 to 7 years hands-on experience inIdentity and access management Cisco and other firewall architecture and integration Cyber threat hunting, research and mitigation Vulnerability assessment and pen testing Knowledge of MS Azure security, MS defender, Intune is a must Hands-on experience in cyber defense with experience in OT security would be an advantage. e.g., Experience in consulting, security monitoring, attack detection, incident response, forensics, or security engineering Experience with Intrusion Detection Systems (IDS) technologies and firewall IOCs, Analyze and/or decipher packet captures from network protocol analyzers (Wireshark, TCPdump, Nessus, Tenable etc) Experience with the full lifecycle of IT security including device provisioning, commissioning, and remote device management layers Good familiarity with manufacturing plant environment systems, Perdue model, ISA-95, cabling infrastructure, Cisco CPwE architecture and plant VLANs security layers Excellent up-to-date technical and hands-on knowledge/experience in current attack methods, detection approaches, state-of-the-art detection tools (e.g., SIEM, anomaly detection, etc), protection concepts (defense-in-depth, network protection, endpoint protection, cloud protection) Ability to manage conflicting priorities under tight deadlines with limited supervision Able to work in managed service environment and familiar with ITIL process methodologies for support and escalations Excellent knowledge of Active directory and MS Azure security policies, DNS,DHCP and TCP/IP protocols IT security related certifications such as Security+, Network+, CEH, CCIE, CCNP, PMP etc. would be an advantage NIST, ITIL Cybersecurity framework Good hands-on and strong can-do attitude Ability to drive projects by themselves and willingness to support business inititives and cross functional teams Named Job Posting? (if Yes - needs to be approved by SCSC) Additional Details Global Grade D Level To Be Defined Named Job Posting? (if Yes - needs to be approved by SCSC) No Remote work possibility No Global Role Family To be defined Local Role Name To be defined Local Skills English;IT security;identity and access management;architecture Languages RequiredENGLISH Role Rarity To Be Defined
