Navi - Associate Manager - IT Security

Associate Manager - IT Security

- The IT Security Manager will protect Data and Information and by providing timely response to cyber security threats, incidents, and requests for investigations using industry leading tools and practices.

- This leader will focus on Security Orchestration, Automation and Response (SOAR) tools to create alert content, data enrichment, playbooks, runbooks, and/or process improvements to streamline investigations and provide accurate and consistent documentation and response to security events.

- The leader will continuously train and develop training material for junior analysts to be apprised of emerging technologies, threats, attacks, and countermeasures

Job Description :

- Monitor, triage, and create logic to identify and respond to Information security events to track in a case management system.

- Identify, implement, and track necessary tuning of signatures and alerts

- Independently investigate, respond, escalate, and document findings for cybersecurity incidents and support and mentor more junior analysts

- Create processes to review and provide quality control validation for cybersecurity cases, incidents, tasks, and countermeasures

- Work with various teams and stakeholders to mitigate cybersecurity incidents

- Create, update and follow documented processes and runbooks

- Work with the Threat Intelligence team to identify areas for targeted threat hunts, create automated responses, and participate in threat hunting exercises

- Create, lead, and participate in department training exercises (table top, blue and purple team, etc.)

- Configure and manage cyber security instrumentation, create automated processes, and identify and develop alert logic to monitor and respond to security events.

- Participating in an on-call pager rotation for responding to high urgency alerts

Detailed Responsibilities :

- Analyze application, system, and security logs from any log source

- Document forensic investigation and research findings

- Demonstrate clear written and verbal communication

- Work well independently without in-person supervision

- Collaborate with team members across separate geographic locations

- Work well under pressure of cybersecurity incidents

- Build relationships with individuals across the organization

- Read and write scripts in python, javascript, splunk spl, regex, power-shell, or perl, etc.

- Cyber security best practices and trends

- Cyber security Incident Response Lifecycle and methods

- Cyber security risks and controls

- Networking and TCP/IP protocol

- Windows and Linux operating systems

- Cybersecurity architectures and methodologies (Defense in depth, Kill-Chain, NIST, OWASP, etc.)

- Indicators of Compromise (IOC) and Tactics Techniques and Procedures (TTP)

The Successful Applicant :

- 6-8 years of relevant experience in cyber security role

- Bachelor's degree in a technical field (cybersecurity, information technology, computer science, computer engineering, etc. )

- Experience in the banking or financial industry

- Experience using security orchestration automation and response technologies (SOAR) preferably "QRadar".

Preferred Certifications :

- Certified Information Systems Security Professional (CISSP) or Associate of (ISC)

- Certified Cloud Security Professional (CCSP)

- Systems Security Certified Practitioner (SSCP)

- GIAC Security Essentials (GSEC)

- GIAC Certified Intrusion Analyst (GCIA)

- GIAC Certified Incident Handler (GCIH)

- GIAC Certified Enterprise Defender (GCED)

- GIAC Continuous Monitoring Certification (GMON)

- GIAC Certified Forensic Analyst (GCFA)

- GIAC Advanced Network Forensics (GNFA)

- CompTIA Security+

- CompTIA Advanced Security Practitioner + (CASP+)

- Certified Ethical Hacker or Computer Security Incident Handler (CSIH)

- EnCase Certified Examiner (EnCE)

- Access Data Certified Examiner (ACE)

- AWS Cloud Certified Practitioner

- AWS Certified Solutions Architect or Associate

- AWS Security Specialty

- Fortinet Cybersecurity Certification