Infosec Specialist

Bangalore, Karnataka
Permanent
Full-time

2 days ago

ZEISS in IndiaZEISS in India is headquartered in Bengaluru and present in the fields of Industrial Quality Solutions, Research Microscopy Solutions, Medical Technology, Vision Care and Sports & Cine Optics.ZEISS India has 3 production facilities, R&D center, Global IT services and about 40 Sales & Service offices in almost all Tier I and Tier II cities in India. With 2200+ employees and continued investments over 25 years in India, ZEISS’ success story in India is continuing at a rapid pace.Further information at .As a member of Global Security Operations Center, you will be responsible for driving the operational activities of SOC and lead complex investigations, conduct advanced threat analysis, and initiate incident responses activities across various business units. He/she is also responsible for process improvement activities, mentoring the team through training initiatives.Responsibilities

Managing shifts / team in the 24X7 SOC Environment.
Act as a first point of escalation for SOC team and assist with handing out work assignments to the team members.
Handling escalated security incidents/ issues, Responsible for deep dive analysis of escalated incidents, threat hunting.
Highlight potential security risks to SOC Manager and concerned SPOCs.
Maintain and optimize security tools and technologies used within the SOC.
Support Adhoc investigations on need basis.
Identify opportunities for continuous improvement in security operations.
Continuously improve threat detection capabilities, use cases and SOPs.
Support SOC manager for creating new operational guidelines, processes, and procedures.
Mentor and provide guidance to L1 analysts and serves as the POC for escalation issues that may arise.
Support rotational 16x5 operational shifts and on call when needed.

At least 7+ years prior experience as a SOC Lead/Lead Analyst in SOC environment with hands-on experience in performing security monitoring and response activities, incident handling, alert tracking, and/or cybersecurity case management.Process and Technology Skills

Proven experience in handling any of the EDR solution such as Defender or Crowdstrike.
Configure and optimize EDR settings to enhance security posture and ensure effective threat detection.
Analyze threat intelligence and security data to identify trends, patterns, and emerging threats
Capability to recognize different security situations and refine recurring security notifications by finetuning.
Respond to security incidents promptly, conducting thorough investigations and implementing remediation strategies to mitigate risks.
Strong background in incident analysis, evidence collection, documentation, communications, reporting and response.
Ability to manage cloud security controls, including firewalls, intrusion detection systems, and encryption protocols.
Lead and coordinate incident response efforts for cloud-related security incidents.
Collaborate with business and development teams to ensure security best practices are integrated into cloud architecture and deployments.
Proven experience with cloud platforms such as AWS, Azure, or Google Cloud.
Experience in mentoring and training junior analysts, Provide technical and functional support to L1 Team with analytical feedback.
Proven experience in any SIEM tools and/or log management solution
Must have good knowledge in firewalls, IDS/IPS, Anti-Virus, EDR, Proxy, DNS, email, AD, etc.
Good understanding of mainstream operating systems (Windows, Linux, etc) and security infrastructure
Good understanding of log parsing and event analysis (Ability to understand and interpret Windows, Linux OS, firewall, web proxy, DNS log events)
Expertise in creation of reports, dashboards, metrics for SOC operations
Knowledge in developing use cases for security monitoring, threat management and threat modelling.
Knowledge of MITRE or similar frameworks and procedures used by adversaries.
Advanced knowledge of malware operation and indicators
Good understanding of ITIL processes including Incident Management, Change Management and Problem Management
Advanced knowledge of networking fundamentals (OSI Layers, TCP/IP, protocols, and services...)
Sound knowledge in Information Security policies, procedures, standards, best practices, and guidelines
Involvement in threat intelligence and cybersecurity communities.
Deep understanding of Cyber Kill Chain and other applicable analytic models
Optionally, experience in at least one of the following: Python, PowerShell, VBscript.

Other skills

Knowledge and understanding of project management methodologies, processes, and tools.
Strong analytical skills and ability to solve complex technical problems with high attention to detail and accuracy.
Strong team player and ability to work in a challenging and constantly changing environment.
Ability to multitask and work independently with minimal direction and maximum accountability.
Proficiency in verbal and written communication skills.
Proficiency in time management and presentation skills
Proficiency in decision-making and problem-solving skills

Education and Certification

Bachelor’s degree in computer information systems or related field or equivalent demonstrated experience & knowledge.
Professional certification in Information security like Security+, CCSE, CCSP, AZ900 – AZ500 etc, TICSA, MCSE, CISSP, etc. would be advantageous

Your ZEISS Recruiting Team: Upasana Sinal

Zeiss

Apply Now