Job Description
- Respond to and investigate security incidents; report real-time threats and detections.
- Execute the incident response playbook for escalated incidents.
- Handle incident escalations and responses originating from internal sources or third-party security providers.
- Continuously review SIEM dashboards, system and application logs, and custom monitoring tools.
- Propose refinements to security tooling (for example, detection rule tuning) that increase its value and reduce false positives.
- Deliver accurate and timely security investigations and responses.
- Document incidents from initial detection through final resolution.
- Proactively identify indicators of compromise (IOCs) and initiate and execute the incident response plan upon detection.
- Review security reports daily.
- Maintain up-to-date knowledge of threats and vulnerabilities.
- Maintain the tracker of privileged and administrative account assignments.
- Understand our network and services, and the latest threat intelligence, including specifics on attacker TTPs (tactics, techniques, and procedures), to perform effective triage.
- Build and maintain relationships with internal and external stakeholders to enhance Profit Protection relationships, drive compliance, and promote knowledge sharing.
Job Requirements
- Bachelor's degree in Engineering or Computer Science.
- 3 to 5 years of related cyber security professional experience handling and responding to cyber incidents.
- Prior experience working with SIEM platforms (Splunk, Elastic).
- Good awareness of the cyber security landscape, a competent analytical mindset, and experience with malware analysis and root cause analysis.
- Experience with endpoint protection tools (EDR).
- Experience with computer, network, and web defense tools, processes, and procedures.
- A good understanding of threat intelligence and of attack vectors against financial and retail services.
- Excellent oral and written English and communication skills.
- Incident management experience.
- Any of the following professional certifications is an advantage: eCIR, eCDFP, eCTHP, CEH, CompTIA Security+, SANS GIAC (GCIH, GCFA), or Microsoft, Linux, networking, or related certifications.