Cyber Security (security Operations Center)

Incident Response Role

Responsibilities for Incident Response:

• Responsible for effectively planning, designing, implementing and monitoring security technologies and projects that support firm’s underlying security policies and procedure. Design, document and implement appropriate security policies and standards that protect firm’s information assets.

• Responsible for implementation, validation and reporting, technical documentation, operation support and reference documentation.

• Review, analyze and respond to security events triggered through automated security monitoring systems. Validate and track security breaches, along with threats to the firm’s logical information, while still allowing for appropriate access. Coordinate responses to information security incidents. Work to reduce information security risks by effectively administering the information security processes across the vulnerability scanning, anomaly detection, intrusion detection, security policy and forensic functions.

• Performs complex and advanced troubleshooting. SME ensures the firm receives expected security and business value by establishing operational support procedures, troubleshooting strategies, training team members for consistent performance.

• Analysis of security events/alerts and investigations of phishing emails, Respond to security alerts in SIEM

• Create documentation/SOP/Run Books for responding to security alerts.

Preferred Qualifications:

• Certifications preferred: Security+, Network+ or any equivalent/higher security certifications.

• Broad hands-on knowledge of firewalls, intrusions detection/prevention systems, anti-virus software, data encryption and other industry-standard techniques and practices.

• Very good understanding of security controls, monitoring systems and regulatory/business drivers that impact security policies and practices.

Working shift -> Rotational shift including Nightshift.