23/08 Chandra Prakash
Co-Founder at iRisk Placement


Associate Director - Security Incident Response & Intelligence (13-20 yrs)

Chennai Job Code: 160875

Global Head of Cyber Security Incident Response

Internal role with one of the five largest IT companies in India

Job Description

About Global Cyber Security Services

Cyber Security, a key organization within Client Corporate Security, is chartered with managing and directing the security programs focused on the discipline of cyber security design, implementation, analytics, threats, monitoring, and response across the organization. Our core services are focused on assuring the security of the computing environment, protecting customer and employee confidential information, and complying with regulatory requirements globally. This is accomplished through strong information risk governance, active collaboration with business risk managers, and providing high-quality security solutions and services which enable improving the organization's overall risk posture.

About Cyber Security Incident Response

The Computer Security Incident Response Team (CSIRT) is a global team that manages all computer security related incidents across the firm. CSIRT's mission is to provide immediate and efficient response to computer security incidents ranging from intrusions, malware, DDoS, unauthorized access, insider attacks and loss of proprietary information. The CSIRT Team is part of the Global Cyber Security Services organization and maintains strong relations with all Line of Business technology groups. Additionally, CSIRT is responsible for Cyber Security Threat & Intelligence assessment. CSIRT conducts research and liaises with partners in the Intelligence Community and Law Enforcement Community to develop and deliver responsible and timely protective cyber intelligence threat assessments.

Position Description

The individual will be responsible for management and oversight of the collection and analysis of threat intelligence, security monitoring and incident response.

- Be a recognized subject matter expert in the area of security incident response and analysis of security events from multiple sources including but not limited to events from Security Information Monitoring tools, network and host based intrusion detection systems, firewall logs, system logs (Unix and Windows), mainframes, mid-range, applications, and databases.

- Demonstrable knowledge and documented experience relating to cyber intelligence threat analysis involving actual and alleged instances of information collection or physical damage/system compromise achieved through cyber means, and trends in cyber intelligence collection including dynamic cyber capabilities of foreign actors – both national and sub-national, extent to which private sector cyber intelligence collection and analysis informs infrastructure protection, and evolving cyber targeting tools.

- Experience in conducting time-sensitive, single-topic threat analyses.

- Be able to mentor and serve as a management and technical escalation point for staff managers and analysts.

- Lead the response to Cyber Security threats and incidents for the collection, analysis, and preservation of digital evidence.

- Communicate and escalate issues and incidents as required to all levels of management.

- Assemble and coordinate with technical teams and third-parties to resolve incidents as quickly and efficiently as possible.

- Ensure that all incidents are recorded and tracked to meet audit, compliance and legal requirements.

- Conduct root cause analysis to identify gaps and make recommendations that ultimately remediate risks to the firm.

- Gather and analyze forensic evidence for all computer security incidents.

- Provide expertise and knowledge of current industry trends in technology and cyber security risk standards to improve the security posture across the firm and with Cognizant’s business partners.

Qualifications

- 10+ years of IT Security experience (including hands-on knowledge of network, mainframe, mid-range, and distributed systems security).

- A sound understanding of TCP/IP and networking concepts.

- 10+ years of direct management experience.

- Experience managing in a complex matrix organization; will need to coordinate and partner across Client groups, geographic regions and other Lines of Business, while driving a specific Cyber Security agenda.

- Comfort working at all levels of seniority, both within the Cognizant organization and with other client institutions, industries or government entities.

- Solid and demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management.

- Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs).

- Subject matter expert (SME) in one or multiple areas such as Windows, UNIX, mid-range, mainframe, firewalls, intrusion detection, threat detection analysis, and/or information risk management.

- Understanding of network design principles and knowledge of the OSI model.

- Network, Security, or Platform certification(s) (S+, N+, MCSP, CNA).

- Certified Forensic Examiner (GCFA-GIAC, CCFP, etc.)

- Experience assisting the resolution of customer escalations, incident handling, and response.

- Experience in a fast-paced, high-stress environment.

- Ability to think strategically, work with a sense of urgency and pay attention to detail.

- Ability to present complex solutions and methods to a general community.

- Independent thinking, willingness to "step outside the box" and take reasonable, calculated risks.

- Must be reliable and adaptable.

- Excellent written and verbal communication and organizational skills.

This job opening was posted a long time ago. It may no longer be active, though it was not removed by the recruiter. Please use your discretion.

Women-friendly workplace:

Maternity and Paternity Benefits
