Mashreq
Location
Bangalore | India
Job description
Job Purpose
Manage the 24x7x365 Cyber Security operations team in MGS, Bangalore: security monitoring, incident detection, event triage, and incident escalation.
Manage the processes linked to intrusion monitoring, detection, triage, investigation, notification and escalation activities.
Monitor threat monitoring data and formalize the response to each incident.
Provide subject matter expertise on Cyber Security, participate in Information Security strategies, and evaluate new solutions for implementation as and when needed.
Monitor the bank's threat landscape, including mitigation plans, effective monitoring and reporting.
Key Result Areas
Act as the point of contact in case of an incident and manage the incident from detection to closure and post-incident analysis.
Communicate appropriately with all concerned stakeholders to prevent further damage from an incident.
Threat hunting and advanced threat management will be the primary focus of this role, along with in-depth investigation of, and support for, incidents escalated from the SOC.
Carry out containment of cyber attacks to prevent further infections.
Assess the contractual and legal impact of a cyber security incident.
Provide a scene/fieldwork response to digital investigations, from the case strategy through to the investigation of recovered digital media.
Own the Major Security Incident process and drive Major Security Incidents when they occur.
Strong knowledge of malware analysis would be a plus, as would the ability to conduct detailed analysis of security-related events such as phishing, malware, DoS/DDoS, application-specific attacks and ransomware.
Build visualizations of cyber attacks and propose remedial steps based on the observed attack patterns.
Provide day-to-day management and oversight of the Tier I and Tier II SOC teams.
Evaluate existing SIEM rules, filters, events, incidents, and use cases, and implement appropriate processes and technology tools to meet business requirements.
Act as an ArcSight or Sentinel enterprise subject matter expert.
Operating Environment, Framework and Boundaries, Working Relationships
Cloud and Digital Ecosystem, Microservices and Open API Framework, Blockchain-related technology
Enterprise Infrastructure, Business Technology, and related Applications
Security frameworks such as NESA, CIS, NIST, SOC 2, ISO
Problem Solving
Ability to analyse issues and identify the root cause of all problems
Ability to prepare root cause analyses and devise solutions for problem remediation
Implementation and effective change management for new solutions or corrective actions
Deep understanding of the IS ecosystem in order to prepare the business impact of all problems
Decision Making Authority & Responsibility
Responsible for validating any proposed security solutions to mitigate cloud and digital risks and risks to on-prem IT infrastructure
Develops and maintains key security metrics related to Cyber Defense management
Conducts PoCs of relevant Cyber Security solutions/technologies and documents findings and suggestions for further evaluation
Participates in the Security Reference Architecture for Mashreq's IS platforms
Ability to work with peers and shift officers with minimal supervision
Contributes to policy preparation, regulation applicability, scoping and control decisions
Prepares the Cyber Security controls design for IS solutions
Knowledge, Skills and Experience
Graduate/Post Graduate degree in Science/Engineering/IT
Minimum of one certification from: CISSP, CISM, CISA, CEH, GCED, GCIA, CCSK, Azure Security
Working experience on Threat Intelligence research and analysis
Experience with malware analysis and log monitoring in cloud environments such as Azure
Detailed analysis of security incidents and RCA identification
Provide recommendations for resolution and coordinate with the platform owners
Support the incident response team in incident management
Handle incidents escalated by Sr. Security Analysts
Experience creating SOPs and use cases for the analyst team working in the cyber defense center
Experience generating standard and custom reports for the Security Operations Center
Experience integrating data feeds into a SIEM tool
Research new threats and IOCs and build mitigating steps for them
Perform ongoing fine-tuning of the SIEM to optimize resource utilization
Recommend use cases based on log analysis and report analysis
8+ years of Information Security experience, with a minimum of 4 years working in Security Operations Center/Cyber Defense monitoring