Senior Engineer - Security Operations

Suntory Global Spirits View all jobs

Gurgaon, Haryana
Permanent
Full-time

8 days ago

What makes this a great opportunity?Suntory Global Spirits is a world leader in premium spirits with $5.5 billion in annual revenues and an ambition to become the World’s Most Admired Premium Spirits Company. We have a strong vision and strategy, an incredible brand portfolio grounded in quality and craftsmanship, an unwavering commitment to sustainability and top talent across the organization. We are focused on driving value across key priorities including American whiskey, Japanese Spirits, Scotch, Tequila and Ready-to-Drink. Headquartered in New York City, Suntory Global Spirits is a subsidiary of Suntory Holdings, which is world renowned for delivering quality and excellence across a range of products and categories.The Senior Engineer Security Operations is a supportive member of the Global Information Security team who monitors SIEM platform, is in charge of incident management processes, and is responsible for ensuring tools, software, and hardware are secured and protected from cyber-attacks and are operating efficiently.Role Responsibilities

Effectively monitor and respond to all security events on a 24/7 basis in a global environment

Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress and documenting lessons learned
Serves as an escalation point in the incident handling process
Provide containment support when a security incident is detected to minimize the risk of lateral movement while engaging internal/external stakeholders
Support onboarding and maintenance of a wide variety of data sources to include various OS, appliance, and application logs
Create queries, dashboards, and visualizations to support Organization’s requirements and monitoring of the SIEM deployment
Support troubleshooting and remediation of issues as they arise with data ingestion and SOC infrastructure
Configure and manage Log Collectors as per vendor recommendation and best practices
Self-guided research to track threat actors of importance for security products and services using threat intelligence and threat intel protection technologies and take proactive actions
Deliver Day-to-day SOC services as per the defined processes and SLAs
Develop and maintain automation workflows to improve containment SLAs and end user experience
Serves as
Evaluate and update SOC policies and procedures as appropriate
Deliver required metrics and reporting for senior leadership and program management
Develop relationships with engineering, infrastructure, software engineering, legal and other team members to socialize and align on the emerging program initiatives
Working experience with security vendors and service providers, evaluating new security solutions and conducting POCs

QualificationsDesired Skills and Experience

Preferably seven or more years’ experience in security operations and incident management, including DFIR

Experience working in a 24x7 operational environment, with geographic disparity preferred.
Experience with SIEM, EDR, XDR, SOAR, Threat Intel, Threat Intel Protection, Red Teaming and related Security technologies

Familiarity with different Network. Web Application Firewall and identity and access management threat protection technologies
Solid knowledge of regular expressions and automation workflows
Understanding of data onboarding and ensuring appropriate time stamping and data parsing
Experience working with information security disciplines (e.g., incident response, security infrastructure management, or monitoring services)
Knowledge of cyber-attack stages, including reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation and covering tracks (Mitre, etc)

Additional Qualifications:

Highly effective communicator with ability to influence business units.
Analytical and problem-solving mindset.
Leverages strategic and tactical thinking.
Works calmly under pressure and with tight deadlines.
Is highly trustworthy; leads by example.
Security certifications preferred

Suntory Global Spirits

Apply Now