SOC Specialist


Garrett - Advancing Motion


Location

Bangalore | India


Job description

Garrett is a global innovator and technology leader that enables vehicles to be cleaner, more efficient and connected. With a nearly 70-year legacy, we serve customers worldwide with passenger vehicle, commercial vehicle, aftermarket replacement, and performance enhancement solutions. Our comprehensive portfolio of emission-reducing and zero-emission solutions advances sustainable motion, from world-class turbocharging and electric boosting technologies for hybrids, to electrified powertrains and automotive software.

This position is responsible for identifying cybersecurity threats to Garrett IT and plant networks and securing those networks against them. Investigate and triage event logs from endpoints, networks, firewalls and SD-WAN for infiltration, data exfiltration and other cybersecurity incidents in the organization. Source cybersecurity incidents external to the organization and create detection and prevention controls to alert on and protect against possible attacks targeting the company. Identify and implement log and event sourcing to provide comprehensive coverage for detection and preventive controls. Prioritize detection and response plans based on the impact to Garrett assets: people, data assets, finance and brand image.

Mandatory Topics

SOC Specialist, CrowdStrike, Cisco firewall, Splunk, SOC operations, incident management and security operations, SOAR, incident investigation and triage, threat intelligence, hands-on, ransomware attacks, OT or plant (nice to have, not necessary), security operations

SOC Operations

  • Automate SOC monitoring and resolution for incidents reported
  • Coordinate with the MSSP partner on key initiatives; enable and provide requirements, and support delivery of projects
  • Deploy robust incident response, forensics and threat intelligence processes
  • Lead the delivery of incident management system enhancements and modifications
  • Drive process improvements, helping to identify opportunities for positive change and improving the SOC's overall detection and response capabilities

Threat Hunting and Protection

  • Investigate network systems and endpoints to identify threat patterns or indicators of compromise, and analyze the threat
  • Coordinate with the IT and OT team to resolve the cyber threats and prevent the same attack from recurring
  • Analyze and detect cyber threats that affect business operations using threat intelligence
  • Monitor security patterns to identify, isolate and detect threats before attackers exploit them
  • Plan, create and implement security solutions for the organization
  • Lead incident response, including steps to minimize the impact, then conduct a technical and forensic investigation into how the breach happened and the extent of the damage
  • Track security incident related KPIs and metrics, and assist with reporting on those metrics to senior management
  • Define and implement a technology roadmap to mitigate threats across endpoints and network

Qualification

  • Bachelor's degree in Information Technology or related discipline

Experience

  • Overall 10+ years of relevant IT / Cyber Security experience
  • Minimum 4+ years of technology experience in Data Protection tools such as Endpoint DLP, O365 DLP, Azure Information Protection

Key Skills And Knowledge

  • Hands on experience in deploying at least one Endpoint DLP tool at enterprise scale
  • Strong interpersonal and communication skills (written and oral), with the ability to communicate at all organizational levels
  • Ability to translate business issues/requirements and objectives into action plans
  • Experience in customer service and global compliance management
  • Strong knowledge of the global data security regulatory environment
  • Proficiency in performing risk, business impact, control related to Data Protection
  • Organized, responsive and highly thorough problem solver
  • Ability to research and interpret new rules and regulations
  • Structured, analytic and independent working methods
  • Work with cross-functional and multicultural teams; getting results is key
  • Good oral and written communications; excellent presentation skills
  • Interpersonal skills and the ability to work with and facilitate diverse groups, and to work with internal and external customers at all levels
  • Individual must be customer focused with good business acumen
  • Can operate effectively in global networks and cross-functional
  • Solution oriented, can build bridges and negotiate win-wins
  • Track record of quickly and aggressively acting to resolve problems in Application security / Crisis resolution
  • Strong process orientation; ability to bring structure to a broadly-defined problem and/or need
  • Proven self-starter; able to take initiative to build organization capability and to deliver committed results

