As a key member of the Information Security Operations team, you will be primarily responsible for monitoring & responding to security events & tickets, investigating root cause analysis of issues and updating and investigating threat feeds and alerts. In addition to the above tasks, you will support the wider information security and IT teams, as appropriate, with additional requests. The successful candidate should have a mind set to challenge existing processes, always looking for better ways to achieve the team and business goals through more efficient or updated processes. As part of the Information Security Operations Team, this role will include on-call work over a weekend on an agreed rotation.
Experience: 8-13 Years
Shift Timings: APAC (5AM-2PM IST)
Job Requirements:
The job requirements include but are not limited to the following tasks.
• Continuously monitor SIEM Console, ServiceNow incident queues and SecOps dashboards for alerts, tickets, and issues.
• Notify system owners and Escalate security incidents per the incident response escalation procedures.
• Monitor devices system performance, system resources utilization (disk space, indexed data) and health monitoring.
• Fine tuning and policy enhancement for SIEM and other SecOp’s tools.
• Assist in case of major outbreak or any critical incident related issue.
• The Incident response team will perform a deep dive incidents analysis by correlating data from various sources.
• Respond to all reported security incidents.
• Follow up with teams for incident closure.
• Maintain incident records as per the guidelines.
• Capture and protect the evidence related to an incident.
• Review and interpret new IoC threats for applicability.
• Deep-dive investigations including traffic & malware analysis.
• Perform incident damage assessment.
• Update stakeholders about security incidents progress.
• Strong interpersonal communication skills.
• Good verbal and written communication skills.
• Ability to analyze problems and create solutions to Maintain confidentiality of information.
• Must be able to prioritize projects, maintaining a sense of urgency to meet deadlines.
• Must possess the ability to follow verbal and written directions.
• Must be a self-starter and able to work well in independently and in Team.
• Must be able to use critical thinking skills and judgment.
• Must be able to work positively and professionally with a wide range of personalities.
• Must be able to accept constructive criticism.
Experience
• Ideal candidates will have background / experience in security operations. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.
• The ideal candidate should be able to work autonomously and be self-motivated.
• The ideal candidate will have experience using / performing searches and tuning a SIEM product.
• The ideal candidate will have experience with the Microsoft suite of security tools.
• The ideal candidate will have experience in using security incident response frameworks & Mitre framework.
• The requirements listed above are representative of the knowledge, skill and/or ability required.
• Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.
These cookies are necessary for the website to function and cannot be turned off in our systems. You can set your browser to block these cookies, but then some parts of the website might not work.
Security
User experience
Target group oriented cookies
These cookies are set through our website by our advertising partners. They may be used by these companies to profile your interests and show you relevant advertising elsewhere.
Google Analytics
Google Ads
We use cookies
🍪
Our website uses cookies and similar technologies to personalize content, optimize the user experience and to indvidualize and evaluate advertising. By clicking Okay or activating an option in the cookie settings, you agree to this.
The best remote jobs via email
Join 5'000+ people getting weekly alerts with remote jobs!