Position Summary:
\n\n
You’ll be a part of Conduent’s Cyber Security Incident Response Team (CSIRT) as a Cyber Operations Engineer III. The CSIRT team provides 24x7 security monitoring and response to cyber security alerts and events. As a CSIRT Incident Response (IR) Analyst, you will utilize multiple security technologies that allows CSIRT members to work collaboratively and efficiently while responding to security incidents and threats.
\n\n
As a CSIRT IR Analyst located in Bangalore, India , you will be responsible for carrying out Security Incident Management processes. This role will be a lead for our weekend team (US overnight and Philippines) and will work alongside other Level III IR Analysts. The shift is 4x10 hour blocks Saturday-Tuesday (8:30am-6:30pm IST).
\n\n
We need someone who can perform responsibilities associated with investigating security incidents escalated from Level I and II IR Analysts, conducting technical investigations for security incidents, providing process improvements, and Incident Management. You’ll partner with Security Engineers to implement and improve technology and process to enhance CSIRT monitoring, investigation, and response.
\n\n
You are the kind of person that can:
\n\n Manage multi-step breach and investigative analysis of advanced threats. \n Serve as an escalation resource and mentor for other analysts.\n Work directly with cyber threat intelligence to convert intelligence into useful detection.\n Work with security partners developing and refining monitoring use cases.\n Work on complex tasks assigned by leadership, which may involve coordination of effort among other IR Analysts. \n Coordinate evidence/data gathering and documentation and review Security Incident reports. \n Identify incident root cause and take proactive mitigation.\n Define required security controls and processes and enforces through the execution of policy documentation, standards, education and awareness, and conducting risk assessments.\n Monitor external regulatory requirements and supports compliance and certification activities.\n Enforce a defense-in-depth methodology in support of the overall enterprise cyber security risk posture. \n Create and develop CSIRT processes and procedures working with Level I and II IR Analysts.\n\n\n
Basic Qualifications for Consideration:
\n\n Bachelor’s Degree from four-year college or university in Information Technology, Information Security/Assurance, Engineering or similar area of study required\n Advanced Knowledge of 0365 mail security and Advanced Threat Protection.\n Minimum of 3 years of technical experience in Incident Response and Management\n Experienced in providing shift leadership and technical guidance to Level I & II IR Analysts in a SOC environment.\n Advanced knowledge and expertise of using SIEM and EDR technologies or platforms for event investigation. \n Experience with incident handling/incident response techniques within a cloud-based environment such as Azure or AWS. \n Exposure and understanding of audit requirements (PCI, HIPPA, GDPR, etc.).\n