Principal Engineer, Cyber Defense at Dowjones

Dowjones · Bengaluru, India · Hybrid

Equal Opportunity Employer

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, or disability status.  EEO/Disabled/Vets

Job Description:

Job Title: Principal Engineer, Cyber Defense

Location: Bengaluru

Work Type: Hybrid (3 days in office mandatory)

What You’ll Do

Research and report on security vulnerabilities and the latest advancements in the Cyber Threat Landscape. Collaborate and coordinate with team members, partners and relevant businesses within the News Corp community.

Responsibilities

● Threat Hunting:

  • Execute threat hunts: Plan and perform structured, unstructured, and intelligence-driven threat hunts across the network, endpoints, and cloud environments.
  • Analyze data: Use advanced data analysis techniques to find anomalous behaviors, indicators of compromise (IOCs), and attack patterns in large datasets from sources like SIEM, EDR, and network logs.
  • Stay current: Maintain an up-to-date understanding of the evolving threat landscape, attack methodologies, and security technologies through continuous learning.
  • Mentor: Guide and train junior analysts on threat-hunting techniques and methodologies.

● Incident Response and Threat Intelligence:

  • Stay up to date with the latest security threats, vulnerabilities, and attack vectors related to various tools and platforms.
  • Monitor threat intelligence sources and collaborate with external partners to proactively identify and mitigate potential security risks.
  • Lead incident response efforts during security breaches or cyber incidents, coordinating with internal teams and external stakeholders to contain and resolve incidents in a timely manner.
  • Conduct post-incident reviews and lessons learned sessions to improve incident response processes and enhance overall security posture.

● Security Tool Implementation and Management:

  • Collaborate with teams to develop content to improve detection capabilities in the Security Information and Event Management (SIEM) tool.
  • Evaluate, select, and implement security tools and technologies to enhance the capabilities of the SOC.
  • Configure and tune security tools to optimize performance, detection accuracy, and minimize false positives.
  • Collaborate with vendors and internal stakeholders to ensure effective integration and interoperability between security tools and systems.

Required Experience & Qualifications:

  • 10+ years of information security experience
  • Advanced knowledge of Security Operations Center (SOC) operations, incident response, and security monitoring practices.
  • Prioritise and escalate any issues that could put business objectives, results, or processes at risk.
  • In-depth knowledge of, and experience with, current cyber threats and the threat landscape facing enterprise environments
  • Ability to architect and drive implementation of large-scale cross-company initiatives
  • Previous experience with the following tools is required: Splunk, EDR Solutions, Atlassian, ServiceNow, GitHub, Okta, and Microsoft Security products
  • Familiarity with incident response frameworks and methodologies, such as the NIST Incident Response Framework or the SANS Incident Response Process, to guide efficient and effective incident handling.
  • Strong knowledge of network protocols, network traffic analysis, and network security principles to detect and respond to network-based threats.
  • Understanding of cloud security principles and experience in monitoring and securing cloud environments, such as AWS, Azure, or GCP.
  • Ability to provide leadership and guidance to team members and to work optimally with technical and non-technical staff

Desired Qualifications

  • Experience with incident response in cloud platforms [AWS, GCP, etc.]
  • Practical scripting language knowledge [Python, PowerShell, bash, etc.]
  • Incident Response specific or other relevant certifications [e.g. GCFA, GCIH, GNFA, GREM, etc.]
  • Excellent verbal, written, and interpersonal communication skills
  • Experience working in a large enterprise environment
  • Strong analytical skills with high attention to detail and accuracy
  • Able to handle confidential material in a professional manner
  • Able to transform complex data into meaningful and prioritised action
  • Able to create business friendly visualisations for complex datasets

Equal Opportunity Employer

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. EEO/AA/M/F/Disabled/Vets

This job is posted with NTS Technology Services Pvt. Ltd.
