Lead - Cyber Security Operations
Orica
- Hyderabad, Telangana
- Permanent
- Full-time
- Lead a team of security analysts and engineers in Orica India and allocate tasks to ensure the most optimal level of service delivery.
- Liaise with stakeholders as required to ensure successful delivery of tasks and enhancements.
- Provide technology leadership, keeping up-to-date with industry and market trends, new ways of working and opportunities.
- Encourage staff to seek innovative technologies and solutions to improve Orica cyber posture.
- Continuously seek improved ways to work and efficiencies within the team.
- Support the Cyber Security Operations Lead in Manila with delivering tasks.
- Provide technical assistance and advice to support the implementation of improvements and projects as required.
- Promote experimentation and learning within the team.
- Provide support and guidance to the team to deliver the cyber security roadmap and build a cyber security culture across Orica.
- Adopt a best-practice people management philosophy to motivate and inspire through high performance: performance management, providing meaningful feedback, mentoring, coaching and development.
- Champion team engagement and promote high performance by motivating and enabling people to make the necessary changes to efficiently deliver our organisational strategy.
- Expected to be available to be on call if necessary to support escalation and priority cases arising across multiple time zones.
- Ensure security infrastructure and systems are engineered with security best practices and leverage efficient and relevant technology to best meet business objectives and end-user needs.
- Lead operations management of security, including:
- Manage incidents throughout lifecycle in a SIEM platform.
- Own day-to-day security incident management processes.
- Perform active detection and management of threats across the infrastructure.
- Make recommendations to senior staff on action plans for incidents.
- Take a lead role in critical incident handling alongside incident response handlers.
- Lead remediation activities for recurring incidents via problem management processes.
- Proactively manage security systems, including:
- Ensure all security systems are proactively maintained in a supported state.
- Develop, monitor, and maintain the automated alerting between security systems and Service Delivery platform (ServiceNow).
- Contribute to driving high levels of automation across IT Operations.
- Continually improve delivery of security services, including:
- Perform continual improvement of security processes and procedures.
- Monitor and update security systems configuration.
- Drive self-improvement and personal training and awareness of threat landscape.
- Support projects and change, including reviewing technical designs and delivering security assessments and recommended technical controls.
- Develop and lead a team with the right capabilities, experience, and behaviours to successfully implement the strategy and growth of individuals.
- Coach, support, and lead the team.
- Tertiary qualification in IT discipline, or commensurate training and experience.
- 7-10 years' experience in an enterprise level Security Operations Centre (CSOC) or similar.
- Experience in Ethical hacking techniques.
- Experience in threat hunting and security monitoring.
- Operational knowledge and experience of security operations and the SIEM platform.
- Experience with ITIL processes, specifically operational processes (Event, Incident, Problem, Access, Technical management), for the systems listed below as expert domain knowledge.
- Expertise/knowledge in one or more of the following:
- Network: SDN / WAN / LAN infrastructure.
- Network Equipment: Riverbed, Cisco Routers, Switches, Firewalls.
- Expert level domain expertise in one or more of the following:
- CrowdStrike EDR, Falcon Discover, CrowdStrike ITDR, Chronicle SIEM, Bitsight EASM, Qualys VMDR and Webscans, Skybox Firewall Assurance Management, Zscaler Proxy, Zscaler Private Access, Proofpoint Email Gateway, CIS Hardening, Orca CNAPP.