What you will be doing:
- Participate in network and security initiatives, network designs, project plans, and deployments as well as coordinating technical issues with vendors and internal teams
- Contribute to design, installation, maintenance, vulnerability remediation, and monitoring of network and security systems
- Responsible for expert-level troubleshooting of any problems relating to global issues - participation in security incident management and response.
- Providing support and guidance to Technology teams across network and security technologies.
- Adhere to IT access-management incident response and change control procedures (ITIL)
- Continuous documentation of the IT network infrastructure including technical specifications, design documents, roll-out, and disaster recovery plans
What we are looking for:
A Network Security engineer with a solid comprehensive background in:
- Ability to manage, supervise and delegate multiple tasks
- Strong experience with SIEM and log management
- EDR (Endpoint Detection and Response - especially in Microsoft ATP, Defender or SentinelOne) configuration and management.
- Vendor management; including SOC (Security Operations Centre) providers
- Global Security Incident management support
- Experience in SD-WAN (Meraki) management and troubleshooting
- Knowledge of network security, hardening network equipment, and vulnerability scans
- Experience in Microsoft security and endpoint management tooling such as MCAS and MEM
- Excellent troubleshooting skills. Ability to rapidly identify respond to and resolve issues
- Proven experience in remote access technologies (ZScaler an advantage)
- Excellent communication skills (written and verbal).
- An ability to work under pressure and take ownership of tasks and customer issues.
- Ability to work individually and as part of a global Infrastructure Technology team with regional teams in India, UK and North America.
About travelopia UK
Similar jobs
Key Responsibilities
3-5 years of experience is a must
Should be hands on in all aspects of IT Recruitment (Sourcing, screening, coordinating, negotiation, on-boarding etc)
Searching for and Approaching Suitable Candidates.
2-4 years of solid experience in vendor management.
Managing the Interview, Assessment, and Shortlisting Processes.
Maintaining a Database.
Preferably from corporate hiring background.
Coaching and Mentoring Junior Recruiters.
Excellent communication skills are mandatory.
Good team player.
Education:-
Bachelors or Equivalent
Job Description
Cyber Threat Intelligence & Threat Hunting - Subject Matter Expert (B3-2)
Responsibilities:
Perform threat research, create actionable threat advisories, and derive hunting queries based on the evolving threat vectors.
Understand APT groups, Conduct deep dive technical analysis of cyber-attack tools, tactics, and procedures. Create hypothesis and perform active threat hunting.
Minimum Requirements:
10+ years of overall experience, 7+ years of experience in cyber threat intelligence, malware analysis (Reverse engineering)
Hands-on experience with writing threat hunting hypothesis & active threat hunting
Experience with YARA rule and OpenIOC signature creation.
Experience with multi-tiered mission-critical systems.
Experience in opensource sandbox and honeypots.
Preferred Certification
GIAC Cyber Threat Intelligence (GCTI)
C| TIA (Certified Threat Intelligence Analyst)
CCTIA by the NICCS
The Incident Response Senior Principal Analyst leads a team of experts with diverse skill sets across areas such as Security Operations Center (SOC), Forensics, and other applicable technical Subject Matter Expert (SME) resources. The IR Senior Principal Analyst is specifically tasked with managing all aspects of an Incident Response engagement to include incident validation, monitoring, containment, log analysis, system forensic analysis, and reporting. The IR Senior Principal Analyst is also responsible for developing and sustaining strong relationships with our clients, and client’s counsel to ensure the engagement’s objectives and expectations are met and executed successfully as documented in the statement of work. The incumbent of this role should display a strong foundation of technical expertise in Cybersecurity, Incident Response, and Digital Forensics to successfully execute the responsibilities associated with this role.
ROLES AND RESPONSIBILITIES
- Supports the management of the technical aspects from client setup and kickoff to supporting the reporting process.
- Co-leads project scoping calls to accurately collect information from the client concerning the incident to include but not be limited to the client’s environment, size, technology, and security threats. Responsible for capturing all client’s expectations and objectives throughout the engagement to ensure successful engagement delivery.
- Organize and maintain an inventory of requests sent to the client to include at a minimum public IP ranges, requested information (including systems for collection), collected logs, systems Skadi or full systems, and any other requested made of the client by Arete or counsel.
- Works directly with the client and other Arete team members to preserve and collect artifacts for forensic analysis.
- Engages in communications with the TA for negotiation and recovery of decryption keys or manages the ransomware specialist team.
- Ensures deadlines are met and timely update meetings are established with client and counsel.
- Responsible for quality control over the budget of engagement and proactively identifying the need for addendums for engagements. Discusses with counsel before provided addendum.
- The main point of contact who manages and participates in all communications with the client and client’s counsel during the engagement. Assists with the development of communications.
- Supports the management and coordination of all technical efforts for the IR engagement to drive the process forward through; tool deployment, ransomware decryption, restoration, and recovery efforts, system rebuilds, system, application, and network administration tasks.
- Coordinates with the Ransom Specialist when ransom negotiations are needed. Ensures updates regarding ransom status are delivered to the client and counsel in a timely fashion.
- Manages and coordinates the onsite efforts with the Onsite Lead or team ensuring they understand and can execute the objectives for the onsite work. Additional responsibilities with onsite efforts include ensuring communications are frequent and getting the daily onsite update communicating these back to the IR Director and/or IR Ops Associate for their Tiger Team.
- Co-manages restoration team when engaged with the client for recovery of systems, data collection, and SentinelOne (S1) deployment.
- Partners with the Forensic Lead to coordinate additional data collection requests pertinent to the investigation.
- Communicates in tandem with the Forensic Lead relevant findings to the client during the investigation.
- Designs and executes a strategy to install S1 and live response data within the SLAs set by Arete.
- Manage the SOC for accurate reporting of S1 metrics from threats to checked-in systems based on the need from the client.
- Follows up with the SOC Lead on SentinelOne alerts and encourages/coordinates client participation with the product.
- Organizes the updates for client and counsel and acts as the "quarterback" for leading update calls when prompted by counsel; maintains an organized and methodical approach for providing updates from negotiations, system restoration, data collection forensics, and closeout. Accountable for final report review, ensuring the report is accurate, professional, and meets the objective of client counsel.
- Can troubleshoot instability issues within infected operating systems and stabilize the system for continued recovery.
- Cross trains across the IR services within SOC, IR Lead, Forensics, and Restoration.
- Supports peers and IR Directors within the engagement lifecycle. Familiarizes oneself with the negotiation tactics and communications with threat actors.
- Other duties as assigned.
DISCLAIMER
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required personnel so classified.
SKILLS AND KNOWLEDGE
- Experience delivering consulting engagements in a fast-paced environment
- Experience leading scoping calls
- Strong background and practical hands-on experience with Windows or Linux System and Network Administration, Security DevOps, Incident Response and Digital Forensics, or Security Engineering
- Practical experience performing in a functional role including but not limited to one or more of the following disciplines: computer forensics, Incident Response, data analytics, Security Operations, and Engineering, Digital Investigations
- Knowledgeable of collection methodologies and tools.
- Comfortable working within various OS including Windows, Linux, and OSX
- Organized communications and notes
- Communicates clearly and concisely
- Generally knowledgeable of the multiple services that comprise an IR investigation
- In-depth knowledge of the ransom negotiation process and details it accordingly to clients
Responsibilities:
The Senior Information Security Engineer is responsible for the implementation, execution and maintenance of technology solutions to mitigate risk, to protect the IT and Engineering environments by reducing the probability of, and to minimize the effects of, damage caused by malware, malicious activities and security events.
The individual will help protect the company by deploying, tuning, and managing security tools across the computing environment, as well as provide security incident response cycle support. They should have a passion and skills for identifying the latest cyber threats. The individual will:
Basic Qualifications
- Working knowledge of infrastructure-as-code and CI/CD pipelines tools (i.e. Jenkins, Teamcity, CircleCI etc..)
- Lead and participate in major day-to-day operational aspects of the security engineering team including improvement of current security controls while constantly identifying areas of needed improvement
- Deep hands-on security experience with cloud providers, such as AWS, GCP, Azure
- Understanding of automated security testing approaches and tools
- Experience with proactive integration of security into the development process
- Lead continuous improvement efforts of out security tools and systems (Concertation on SIEM, IDS, EDR Tools)
- Work with our customers (Security Operations, Incident Response, and Product teams) to incorporate high quality security alerting into their operational workflows
- Improve overall security practitioner efficiency through process automation
- Foster and promote collaboration among all members of the IT, Infrastructure, and Risk Management Departments.
Minimum Qualifications/Requirements
- BS or MS in Computer Science or related field
- Minimum 7+ years of cybersecurity experience
- Must have previous experience performing threat hunting and incident response duties using SIEM tools, cybersecurity management consoles, and ticketing systems
- Experience in deployment, development, and maintenance of SIEM
- Experience writing and using Ansible server administration scripts, and create simple Python, BASH, or Powershell scripts to automate cybersecurity functions
- Scripting experience to automate security operations, alerting, and compliance checks, CI/CD design, deployment, and management
- Experience with managing endpoint response and detection infrastructure and endpoints at the enterprise level, including performing upgrades to the back end application and deploying new agent versions to endpoints
- Understanding the investigative process and performing triage for cybersecurity incidents
- Experience maintaining industry leading security technologies or infrastructure systems in complex technical IT operations environment
- Must be detail-oriented and organized with ability to handle competing demands while meeting deadlines
- Experience in authentication protocols and frameworks to include OAuth, and AWS IAM
- Proactive and motivated; team player with a positive can-do attitude
- Strong analytical/problem-solving skills and cross-functional knowledge across multiple IT operational and security disciplines
- Ability to communicate technical concepts to a broad range of technical and non-technical staff
- Must possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change
What is the mission of the role? |
|
You are expected (through your processes & activities) to deliver world-class customer experience. Mission: The purpose of the role is to implement and troubleshoot Information Security products of 22by7 customers either on-site or remotely. Preparing Plan of Action (PoA), Scope of Work (SoW), and implementation documents. Carry out the technical activities thus ensuring Customer Satisfaction. |
|
· Troubleshooting L1/L2/L3 tickets and submitting the RCA. · Implementing information Security products and submitting the reports. · Presenting the appropriate solutions at customer meetings. · Keeping well informed of general technical developments, company products and services. · Maintaining accurate up to date reporting using the company systems and providing ad-hoc manual reporting where required. · Ensuring that product, technical and market knowledge is kept up to date by reading literature, networking, attending training courses, liaising with other colleagues and sharing unique knowledge with the rest of the company. |
|
Who are your key stakeholders? |
|
To achieve the outcomes of the role, you key transactional stakeholders internally are: - Team Lead - Product Managers - Solutions Architects |
|
You will be expected to create strong positive relationships with the customers you work with, in a capacity to help the organization service them better. |
|
What are you accountable for? |
|
You are accountable for end-to-end solutioning for client needs, including documentation, implementation, deployment & reporting.
|
|
|
IT Security Manager- 8-12 Years
NOTE - We are looking for those candidates who can join immediately or within 15-20 days of the notice period.
Key Responsibilities:
• Lead IT security projects including design and implementation of security infrastructure &software
• Experience working with Linux/UNIX administration"
•
• Define next gen IT security strategy, architecture, and processes for the group
• Analyse business requirements by partnering with key stakeholders across the organization to develop security solutions
• Lead validation of BCP & DR as per the organizational needs
• Experience with framing apolicies, processes and procedures and their implementation of IT Security for both On premise and Cloud infrastructure
• Write or review security-related documents, such as incident reports, proposals, and tactical or strategic initiatives.
• Maintain and manage security for all existing and new IT infrastructure and Applications
• Monitor security performance of information technology systems to drive cost and productivity levels, and to make recommendations for improving & standardization of the IT infrastructure
• Develop strategies for infra and application hardening
• Hands on experience with implementation of various security products & infrastructure
• Testing, troubleshooting, and modifying and ensure no performance impact on the systems so that they operate effectively
• Prepare plan and strategies to ensure security of the organization including both high and low risk events.
• Develop budgets for security operations and new initiatives.
• Coordinate security operations, Audit & Compliance activities along with law enforcement and government agencies.
• Ensure completeness of documentation and have exposure to ISO 27001, ISMS policies
• Work with key IT service providers to ensure industry standard platform, network and endpoint security posture
Key Skills required:
• Critical Infrastructure Management- (Manage SPI, Certification resources and infrastructure)
• WAF – Barracuda, Cloudflare, Akamai
• Cloud Security – AWS and Azure are preferred
• Work with Software and teams in resolving vulnerabilities
• SSL and PKI infrastructure management
• SIEM – Event Management, Endpoint Management, Threat analysis, patch Management
• Anti-Virus (VDC and Global Endpoints)- Web content filtering, Definition updates,
• Time Monitoring – system health checks and resource utilization checks, SIEM log analysis
• Log Monitoring and Log Analysis – collect, alert, store, search, report and share system and WAF logs
• Manage compliance – PCI, ISO
• Ability to work in global environments with teams spread globally
• Multi-tasking and time-management skills, with the ability to prioritize tasks.
• Highly organized and detail oriented.
• Excellent analytical and problem-solving skills.
• Experience with framing policies, processes and procedures and their implementation of IT Security for both On premise and Cloud infrastructure
experience with policies
• blue team (any experience with defending the network)
any experience with vulnerability assessment and PT
REQUIRED CITIZENSHIP / WORK PERMIT / VISA STATUS:
Should be currently based in Japan with Valid work visa
MUST HAVES:
Experience Required:
- LAN/Wireless LAN based skills(over 3 years experiences)
- Firewall based skill (over 3 years experiences)
- Server based skill (over 3 years experiences)
- WAN/Internet based skills (over 3 years experiences)
*
- Required General Skills:
- Fluent in Japanese(both written & verbal) and English(reading & written)
Job role :
- · WAN, LAN, Wireless LAN, Firewall, ServerWork Contents;
- · Support Design and Implementation
- · Create documentation or basic design and detail design
- · Join required meeting(Internal, External)
- · Management Change(Create and close change record)
- · Test(Unit, Integrated) in on-site
- · Create the result of test document
- · Create change procedure
- · Installation equipment in on- site
- · Support soft MACD from remote site
- · Create operation manual
- · Support problem management
- · Support inventory management
- · Support configuration hencmanagement
- · Support reporting
- · Cisco Router/Switch/FW (MPLS, BGP, OSPF, STP, VLAN, QoS, VRF)
- · Juniper Router/Switch(SRX/EX/QFX)
- · Server (Linux,)
- · Wireless (CAPWAN)
Security Monitoring and Operations (SIEM)
Security Solutions design and deployment
IDAM - Identity and Access Management Experience
Network Monitoring and Management Experience
VAPT - Vulnerability Assessment and Penetration Assessment
Experience on DLP and Endpoint Security
Knowledge on Encryption
Experience in performing Maturity Assessment for identifying the security gaps and recommending measures to fix the gaps
Experience in Audit controls and applying security measures (ISO, PCI etc..)
Knowledge in automation and scripting