Job
Description
Description:
MS - Transition **Generic JD applied** Required Skills Excellent analytical, problem-solving and decision-making capabilities Excellent verbal, written and presentation communication skills Experience in managing multiple projects, deadlines, and resources Broad experience working in and/or supervising security operations Experience working in a geographically diverse and fast-paced environment Understanding of current information security challenges and solutions; industry trends Experience leading cross functional teams, preferably as part of a global team Extensive knowledge of security devices such as firewalls, intrusion detection systems, AV systems, spam systems, event correlation devices, log file analyzers etc. Understanding of ever-evolving Security information such as Threat Intelligence, IT vulnerabilities, Compromise methodology, and Indicators of Compromise. Ability to explain findings to non-technical professionals and management and be able to work under pressure in time of critical or emergency situations with attention to detail and accuracy Problem Solver - Set examples to team e.g. how to create an exec report, how to create a runbook that can withstand customer scrutiny, Technical - Needs to be an expert and hands on technical on at least one or two cyber areas such as incident investigation, SOC and VM Good Analytics skills Understand offshore model - Good communicator to work with offshore Solutioning - Knowing when the customer requires a technology transformation and getting ahead of the ask, connecting the dots with our internal experts and solutioning team to shape the solution Detailed job responsibilities Collaborate with other information security and IT professionals to develop and implement innovative strategies for monitoring and preventing attacks. Lead team to conduct proactive monitoring, logging and alerting to analyze, correlate, and respond to cyber-attacks, threat intelligence and ability to define Risk and Compliance Dashboards. Conduct research on emerging information security threats. Develop programs and scripts for various security initiatives. Create technical documentation around the content deployed to the SIEM. Collaborate with SIEM engineers to develop specific content necessary to implement security use cases and transform into correlation queries, reports, rules, alerts from Checkpoint Firewalls, Security IDS, Symantec Enterprise Protection, etc. Execute content management and change management procedures. Identify emerging threat actors and track existing actors as their tactics, techniques and procedures (TTP) evolve. Participate in after-hours on-call for Critical incident management. Participate in technology remediation efforts through cross functional teams across business units. Collaborate with team to have configuration, testing, integration tasks related to SIEM platform. Perform and guide forensic analysis in response to security incidents. Plan for live incident response (reactive and proactive incident management) by identifying and remediating malicious applications and compromised infrastructure components. Understand Network, Wireless, Mobile Device, and Wan/Lan infrastructure device architecture and associated Security integration for proactive Threat Management. Perform threat and vulnerability assessments and provide subject matter expertise on appropriate threat mitigation. Supports and mentors other members of the team. Help to troubleshoot issues with log sources or systems with vendor, and report system defects as needed. Named Job Posting? (if Yes - needs to be approved by SCSC)Additional Details Global Grade :CLevel :To Be DefinedNamed Job Posting? (if Yes - needs to be approved by SCSC) :NoRemote work possibility :YesGlobal Role Family :To be definedLocal Role Name :To be definedLocal Skills :Security Operations;firewalls;cyber threat intelligence;IT vulnerabilitiesLanguages Required::ENGLISHRole Rarity :To Be Defined
