Job description
What you'll do...
What you'll do:
Supports incident response solutions by assisting team members in gathering requirements to support implementations; evaluating supplier products and services; researching information about new technologies; reviewing and compiling system documentation; participating in solution reviews; and implementing improvements to products, alerts, and monitors.
Supports incident response efforts by adhering, improving and developing newly defined operating procedures associated with the identification, containment, eradication, and recovery of impacted resources, as well as the procedures outlining digital and physical data handling; collaborating with interorganizational and intraorganizational cybersecurity personnel; reporting on incident response actions, including written and oral presentations; participating in, acting as point of contact for, and collecting and providing feedback on, proofs of concept during product and service evaluations; participating in team on-call pager rotation; and serving as escalation point for cybersecurity incidents.
Analyzes and records incident issues by documenting all actions taken during the incident response life cycle; reviewing, preparing for distribution, and submitting findings and collected data to Incident Response team members and leadership, as well as internal Legal, Human Resources and/or Global Investigations teams; and refraining from disclosing sensitive data or incident details with individuals outside of the appropriate teams and communications plan.
Builds understanding of threats by performing analysis on malicious software and providing samples to security product vendors to ensure coverage/detection exists across multiple layers of technology.
Demonstrates up-to-date expertise and applies this to the development, execution, and improvement of action plans by providing expert advice and guidance to others in the application of information and best practices; supporting and aligning efforts to meet customer and business needs; and building commitment for perspectives and rationales.
Provides and supports the implementation of business solutions by building relationships and partnerships with key stakeholders; identifying business needs; determining and carrying out necessary processes and practices; monitoring progress and results; recognizing and capitalizing on improvement opportunities; and adapting to competing demands, organizational changes, and new responsibilities.
Models compliance with company policies and procedures and supports company mission, values, and standards of ethics and integrity by incorporating these into the development and implementation of business plans; using the Open Door Policy; and demonstrating and assisting others with how to apply these in executing business processes and practices.
What you'll bring:
Proven Incident Handlings experience working with datasets, finding insights, and telling stories using data.
Experience reviewing and building standard operating procedures and processes.
Able to communicate clearly across all mediums.
Experience with information technology and/or cybersecurity along with a security mindset.
Have experience working cross-functionally across teams.
Self-motivated, able to raise innovative ideas, and possess a heightened sense of urgency.
Critical thinking skills and ability to troubleshoot problems or issues to understand root causes.
Expertise in carrying out investigations on Unix/Linux OS flavors.
Hands on experienced required on tools like EDR, SIEM, ( On Prem and Cloud) - preferably good to have Azure Sentinel and Google Chronicle, SOAR, Email Security, Incident Management, Firewall, IPS, Correlation skills, Use cases development and deployment. Well versed with People Process and Technologies in area of Cybersecurity.
Analysis and investigations skills like Malware analysis, Phishing Email Analysis, Network, Endpoint, Windows and Linux Operating Systems knowledge and hands on experience on investigations.
Good to have industry level certification like CIH, CompTIA Certifications, CEH and others as appropriate· Experience working with global teams.
Bachelor’s degree in computer science, Information Technology, Engineering, Computer Information Systems, or related field and 10 years' experience in information technology or related field within the last 10 years' experience in information technology.