Job
Description
Dreaming big is in our DNA Its who we are as a company Its our culture Its our heritage And more than ever, its our future A future where were always looking forward Always serving up new ways to meet lifes moments A future where we keep dreaming bigger We look for people with passion, talent, and curiosity, and provide them with the teammates, resources and opportunities to unleash their full potential The power we create together when we combine your strengths with ours is unstoppable Are you ready to join a team that dreams as big as you do AB InBev GCC was incorporated in 2014 as a strategic partner for Anheuser-Busch InBev The center leverages the power of data and analytics to drive growth for critical business functions such as operations, finance, people, and technology The teams are transforming Operations through Tech and Analytics, Do You Dream Big We Need You, Job Description Job Title: Senior Specialist Cyber Security Operations Location: Bengaluru Reporting to: Senior Manager Cyber Security Operations Purpose of the role Do you want to join the world largest brewerWe at AB-InBev have a fantastic opportunity for you to work as a Cyber threat hunter & join a growing team of top professionals who invest time and effort in protecting Ab-InBev from top Sophisticated Threats We're constantly improving, advancing, and adopting new trends, new skills, and new expertise, giving our employees endless opportunities for professional development Youll be expected to work with in a team of incident responders operating in 24x7 shift model with deep knowledge on investigating Security alerts, and process responses for alerts generated by cyber security systems within defined timelines, Key tasks & accountabilities Work in a team of cyber security incident responders monitoring, responding, and processing responses for the security alerts triggered from SOC tools deployed across on-premises and cloud environments like EDR, IDS/IPS, Web proxy, SIEM, phishing analysis etc , And from Cloud Security platforms like MS Defender for Cloud, AWS Guard duty, Orca Security etc , Monitor threats and new attack techniques being disclosed in the wild, Investigate events to determine if they are true events or false positive, Perform hunts in environment to identify any persistent in environment, Create incident storyline based on the investigations, identify, and communicate required remediation steps for all security alerts/incidents, Co-relate different log sources to collect the evidence required to understand the impact and advise on response actions, Must have worked on Tuning existing alerts and Creation of exiting alerts to reduce False positive, Adhere to the SLAs and operational practices during a 24x7 shift schedule, Follow shift routine, regular updates to incidents, follow-up with vendors, AB InBev Zone Security contacts, and shift handover, Work closely with In-house automation, data science to automate the repeated tasks, Participate in projects to improve security monitoring toolkits as well as to improve defensive controls, Act as an Incident commander during Critical incidents Act quickly on identifying potential kill switch and containment Post Containment, Prepare the incident report and share with required stakeholders, Create Incident response SOPs and run books as in when needed, Seek opportunities to drive efficiencies and collaborate with other technology teams within and outside SOC (Eg : NOC, Infra, automation, Intel, Offensive team, Cloud Ops, etc ,) Working closely with Engineering team, to aid in the enhancement of contextual analysis and providing threat hunting support, Business Environment Flexible to support in 24*7 support environment, Proficient in Threat Hunting techniques (endpoint and network data analysis), Knowledge on Operational Technology (OT) Devices, Protocols, Effective interpersonal, team building and communication skills, Good Oral and Written communication skills Ability to communicate complex technology to non tech audience in simple and precise manner Ownership skills, Effectively collaborates and communicates with the stakeholders and ensures client satisfaction, Learn things quickly, while working outside the area of expertise, Good knowledge of security standards and best practices, Understanding of various operating systems, Familiarity with the Cyber Kill Chain and demonstrable analytical skills, Qualifications, Experience, Skills Bachelors degree preferably in Computer Science or Information Systems and /or equivalent formal training or work experience, 6+ years of experience in a technical role in the areas of Incident response, CISRT and SOC Operations, Experience with more than one EDR, SIEM, and log analysis tools and techniques, Experience on Cloud Security native solutions like MS Defender for Cloud, AWS Guard duty, GCP Command center etc , and commercial tools like Orca, Wiz etc , Experience in handling critical incidents in the past with Strong ability to use data points to sketch a story, Ability to identify and communicate remediation steps for cybersecurity events by considering architecture, infra and system limitations, Ability to recognize potential intrusion attempts and compromises through analyses of relevant event logs, Good knowledge on operating system internals (Windows, Linux/UNIX & MAC) and Networking concepts, Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively, Nice to have: Security certifications like CEH, CHFI, CompTIA Security +, etc , Should have strong experience on Cyber Security alert response practices and Critical incident handling procedures, Good to have experience in tuning UBEA platform, Should have Advanced knowledge on operating system internals (Windows & Linux/UNIX) and Networking protocols, A demonstrated passion towards cyber security, Competencies: Familiarity with offensive strategies and attack vectors, Ability to effectively work in a global team across a complex, geographically dispersed organization, Good understanding of common threat analysis models such as the Cyber Kill Chain, and MITRE ATTCK, Knowledge on Operational handling will be an additional advantage, And above all of this, an undying love for beer! We dream big to create future with more cheers
