Assist the CTVM Manager in assessing and ensuring the management of cyber threats and vulnerabilities, as well as the implementation of security controls.
Expected outcome:
Proactive enterprise CTVM program to ensure digital assets and IT environment are secured and resilient.
Job Duties:
- Assist the Manager with the planning, analysis, development of framework and deployment of CTVM program.
- Assist in continuous day-to-day operations of CTVMprogramincluding managing external CTVM service providers and scoping, scheduling, scanning, prioritizing and remediating IT vulnerabilities
- Assist in maintaining a current and comprehensive inventory of all IT hardware and software within the IT environment, including cloud.
- Assist in ensuring periodic static application security testing (SAST), dynamic application security testing (DAST) or any form of application security testing is conducted.
- Assist the Manager in maintaining current cyber threat model
- Assist in identifying dependencies and timelines required to address vulnerabilities, including system patching, deployment of specialized controls, code or infrastructure changes, and changes in build engineering processes
- Assist in the development of policies, procedures and standard operating models for the CTVM program.
- Assist in tracking key performance indicators (KPIs) and key risk indicators (KRIs).
- Assist in data collection and maintenance of technical and management cyber security dashboard.
- Assist in the preparation of periodic reporting to management on the outcomes of the CTVM program.
- Provide technical advisory services to our stakeholders to ensure an enterprise-wide resilient IT environment with regard to cyber security.
Essential Qualifications & Technical CompetenceFormal Education
•Minimum Bachelor’s Degree or Equivalent with specialization in Computer Science / IT Security/ Cyber Security.
Work Experience
• 2 to 3 years of working experience in IT or Cyber Security domains specifically in cyber threat and vulnerability management and cyber threat intelligence.
Skills/ KnowledgeCompetencies:•Reasonableunderstanding of end-to-end cyber threat and vulnerability management processes (e.g.;VM lifecycle) about on-prem IT infrastructure security, application security and cloud security.•Reasonableunderstanding of security frameworks such as ISO27001, NIST Cybersecurity Framework, Centre for Internet
Subodh Popalwar
Software Engineer, Memorres
About Optimum Infosystem
Similar jobs
1.Triage of security alerts that includes but not limited to malware, denial of service, unauthorized access, etc.
2. Conduct incident investigations on SIEM tools.
3. Perform threat hunting on networks to detect and isolate threats.
4. Knowledge of various security methodologies and processes, and technical security solutions (firewall, packet analysis, SIEM and intrusion detection systems)
5. Continuous optimization, tuning and monitoring of SIEM solution
6. Hands on experience around administrating and threat hunting on EDR, XDR, DLP and SIEM tools.
7. Ability to analyze endpoint, network, and application logs
8. Identify false positives, analyse reported spam, phishing, and suspicious emails and understanding of email security concepts: SPF, DMARC, DKIM
9. Immediate Joiners
KubernetesAt F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.
F5 is looking for a Sr. Security Engineer with experience in building, integrating, operating, and maintaining robust security monitoring and auditing systems. F5’s Edge 2.0 platform provides global, scalable, and secure way to deploy applications. In this position, you will build and maintain monitoring and audit systems across the platform that provide necessary visibility and alerts to effectively defend the platform.
Responsibilities:
- Collaborate with software architects, security defenders, Operations, SRE, compliance experts, and business leaders to understand the logical boundaries of the systems and identify the events to monitor, audits to maintain, alerts to tweak, as well as systems to integrate with
- You will continuously hunt for areas and metrics to be added into monitoring systems for better operational visibility, incident response capability, availability, and forensics capability of the overall platform
- You will participate in the definition of processes around change and inventory management and develop solutions to audit the changes
- You will work with other teams within security organization to define communication and alerting protocols for effective and timely actions
- You will participate in defining and executing the Incident Response Plan for the platform and be responsible for providing necessary information during the response and forensics
- Demonstrate technical leadership in multiple domain areas, providing mentorship to other team members
Minimum qualifications:
- BS degree in Computer Science or equivalent with 5+ years of security operation and monitoring experience
- Experience with logging, monitoring, SIEM, dashboarding tools like AWS GuardDuty, Sumo, Grafana, SolarWinds, DataDog, Splunk, etc.
- Working knowledge of at least one Cloud Computing platform (e.g. Amazon AWS, Microsoft Azure, Google Compute etc.)
- Good understanding of how to handle logs from various systems, integrate with systems handling logs and metrics, how to setup and tune alerts based on thresholds and policies
- Hands on experience with computer programming languages and/or scripting languages such as Python, Java, Shell
- Good understanding of complexities and security challenges in large-scale distributed systems
- Working knowledge of Cloud orchestration systems such as Kubernetes, Openstack etc.
- Self-motivated and willing to delve into new areas and take on new challenges in an enthusiastic manner
- Excellent written and verbal communication skills
- Strong interpersonal, team building, and mentoring skills
Job Description
Cyber Threat Intelligence & Threat Hunting - Subject Matter Expert (B3-2)
Responsibilities:
Perform threat research, create actionable threat advisories, and derive hunting queries based on the evolving threat vectors.
Understand APT groups, Conduct deep dive technical analysis of cyber-attack tools, tactics, and procedures. Create hypothesis and perform active threat hunting.
Minimum Requirements:
10+ years of overall experience, 7+ years of experience in cyber threat intelligence, malware analysis (Reverse engineering)
Hands-on experience with writing threat hunting hypothesis & active threat hunting
Experience with YARA rule and OpenIOC signature creation.
Experience with multi-tiered mission-critical systems.
Experience in opensource sandbox and honeypots.
Preferred Certification
GIAC Cyber Threat Intelligence (GCTI)
C| TIA (Certified Threat Intelligence Analyst)
CCTIA by the NICCS
- Develop efficient strategies to protect the system, the networking infrastructure, data, and information systems against potential threats/cyber risks
- Routinely performing threat analysis, system checks, and security tests
- Defining and updating information security criteria and validation procedures
- Effectively discuss to understand safety and security and fix the problems along with different stakeholders
- To be a security representative or point of contact for all technical deliveries, initiatives, and project implementations.
- To develop technical processes and procedures and promote compliance in line with regulations, corporate policies, or standards as per ISO27001
- Assess technical security risks in terms of impact on systems and service confidentiality, integrity, and availability, and report and escalate results of risk assessments.
- Report any real or potential security breaches/vulnerabilities to various stakeholders and provide technical support during incident response
- Monitor security tools to detect security events & incidents Report and escalate any security breaches to the Information Technology Security Officer
- Operate vulnerability scanning and compliance tools to identify system weaknesses
- Represent IT Security matters at technical and business forums.
Desired candidate profile :
- Relevant experience in the information security field
- Relevant experience working with ISO Policies, and GDPR guidelines.
- Strong knowledge of network architecture and security concepts related to routing
- Exceptional attention to detail
- Excellent analytical and problem-solving skills
- Great team player and able to work efficiently with minimal supervision
- Excellent communication skills, both written and verbal, work with the different stakeholders on strengthening the security risks.
- Able to handle and cope with stressful situations and understands the pressures of a start-up environment
|
• Handling critical incidents/escalations, reviewing incidents and tracking towards closure • Good experience in SIEM tools, event logging and event analysis • Good knowledge in enterprise security products like Firewalls, IPS, Web/content Filtering tools, Compliance tools • Team Management, performance monitoring and prepare reports on weekly, monthly basis and share to stakeholders as needed • Good knowledge about common security attacks, targeted attacks • Good experience in forensic analysis, Packet Analysis tools like Wireshar • Assisting, mentoring L2/L3 analysts and groom them to move to next level • Contribute to continue monitoring and improvement of security posture of the organization • Having experience of managing team of 25+ team members across multiple locations.
|
|
• Primarily responsible for security event monitoring, management and response • Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring • Revise and develop processes to strengthen the current Security Operations Framework, Review policies and highlight the challenges in managing SLAs • Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center • Management, administration & maintenance of security devices under the purview of SOC which consists of state-of-the art technologies • Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring • Responsible for integration of standard and non-standard logs in SIEM • Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. • Co-ordination with stakeholders, build and maintain positive working relationships with them
|
Security Monitoring and Operations (SIEM)
Security Solutions design and deployment
IDAM - Identity and Access Management Experience
Network Monitoring and Management Experience
VAPT - Vulnerability Assessment and Penetration Assessment
Experience on DLP and Endpoint Security
Knowledge on Encryption
Experience in performing Maturity Assessment for identifying the security gaps and recommending measures to fix the gaps
Experience in Audit controls and applying security measures (ISO, PCI etc..)
Knowledge in automation and scripting
Follow CutshortSubodh Popalwar
Software Engineer, Memorres