
Security Operations, IR Lead
Blue Yonder
full-time
Location Type: Office
Location: Hyderabad • 🇮🇳 India
Job Level
Senior
Tech Stack
AWS, Azure, Cloud, Cyber Security, Firewalls, Google Cloud Platform, Splunk, TCP/IP
About the role
- Detect and respond to cyber security threats to ensure your organization operates securely.
- Partner with the existing internal SOC team across the world and keep the CISO informed about security Incidents.
- Act as a liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients, or regulatory bodies.
- Monitor security systems and networks for potential security breaches or incidents.
- Conduct in-depth investigations into security incidents to determine the root cause and extent of the compromise.
- Develop and implement incident response plans and procedures to contain, eradicate, and recover from security incidents.
- Coordinate with cross-functional teams, including IT, legal, and senior management, to respond to and mitigate security incidents.
- Document incident response activities, including findings, actions taken, and lessons learned, for future reference and improvement.
- Provide guidance and mentor junior team members on the latest security trends and techniques.
- Stay current with emerging cybersecurity threats, vulnerabilities, and trends to proactively enhance incident response capabilities.
Requirements
- 6 – 10 years of proven experience in Security incident response handling, Vulnerability Management or Penetration testing; a master’s degree can be substituted for experience.
- Practical experience with threat detection, monitoring, and incident response, including the ability to query data and write detection rules, and with managing security-related technologies (e.g., SIEM (QRadar / Splunk), SOAR, WAF, AV, firewalls, Internet-facing services).
- Proven experience in cybersecurity incident response, including hands-on experience with incident detection, analysis, and response.
- Experience conducting technical analysis of security events including Malware analysis, incident triage, escalation, communication, and digital forensics.
- Excellent analytical and problem-solving skills, with the ability to think critically and make decisions under pressure.
- Effective communication skills, both verbal and written, with the ability to convey technical information to non-technical stakeholders.
- Familiarity with scripting for automation.
- Strong expertise in gathering and condensing threat intelligence into actionable and meaningful communication materials.
- Bachelor’s degree in information security or information technology or computer science or related fields.
- Experience in public cloud infrastructure such as Microsoft Azure, GCP, AWS.
- Familiarity with security frameworks and regulatory requirements such as NIST, ISO 27001/2.
- Proven experience with products dealing with vulnerability management services which include Tenable, Qualys, Nexpose, etc.
- Demonstrated understanding of information security concepts, standards, practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting.
- Certifications such as CISM, CEH, GCIA, GCIH, CISSP or equivalent.
- People Management experience is a plus.
- Results focused with attention to detail.
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development