Required Skills

Fleet Customer Data Disclosure

Work Authorization

  • US Citizen

  • Green Card

  • EAD (OPT/CPT/GC/H4)

  • H1B Work Permit

Preferred Employment

  • Corp-Corp

  • W2-Permanent

  • W2-Contract

  • Contract to Hire

Employment Type

  • Consulting/Contract

Education Qualification

  • UG: Not Required

  • PG: Not Required

Other Information

  • No. of positions: 1

  • Posted: 13th Oct 2023

JOB DETAIL

This job is a member of the Cybersecurity and Technology Risk Management team, within the Information Technology Division. The primary mission of Cybersecurity and Technology Risk Management is to increase our resiliency to Cyber Material Loss Scenarios. These include, but are not limited to, disruption of Operational Delivery and Fleet, Customer Data Disclosure, and Reliance on Third Parties.

General Job Description
The CIR (Cyber Security Incident Response) engineer is responsible for building and supporting the underlying technologies that support the CIR Operations groups, as well as producing architecture, enforcing process governance, mentoring, and shepherding teams seeking regulatory compliance. These technologies include TIP, SOAR, SIEM, EDR, and many other detection and incident response technologies. This role heavily requires scripting and automation skill sets. Experience with DLP solutions such as IBM Guardium is preferred.

Minimum Qualifications - Education & Prior Job Experience
• Bachelor’s Degree in Computer Science, Information Systems, Engineering, Technology, or related field or equivalent experience/training
• Strong Python experience with a Security Background.
• Experience with SOAR is nice to have
• Minimum 5 years of Information Technology related experience
• Minimum 3 years of networking experience
• Minimum 3 years working with SQL and Databases
• Minimum 3 years Windows/Linux experience
• Minimum 3 years of Security or SecOps experience

Preferred Qualifications – Education & Prior Job Experience
• Master’s Degree in Computer Science, Information Systems, Engineering, Technology, or related field or equivalent experience/training
• Cloud experience (IBM and/or Azure)
• Experience with DLP solutions
• Active Directory experience
• Implementation of Performance Monitoring Tools
• Software development
• Scripting experience

Skills, Licenses & Certifications
• Information Security Certification
  o Security+
  o CISSP
• Ability to script in languages like Python or JavaScript
• Knowledge of how to use webhooks and APIs
• Knowledge of Linux/Unix, PowerShell, Basic Windows Administration, Git
• Knowledge of Security Concepts, MITRE ATT&CK Framework, PCI Compliance Requirements
• Knowledge of Networking concepts, services, and protocols
• Knowledge of basic cloud security controls and architecture
• Knowledge of SIEM, EDR, SOAR Platforms, Big Data Platforms
• Understanding of the OSI model
• Experience with Agile methodologies and tools
• Ability to work independently and effectively cooperate with others
• A solid understanding of networking, cyber security concepts, vulnerability identification and cyber threat intelligence is necessary
• Excellent communication skills, including the ability to provide formal documentation of analysis and/or research results, such as briefings, reports, writing, training of lower-level analysts, and editing at a technical/professional level
• Must be detail oriented, well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude
• Aptitude in solving problems independently while also having the openness to work collaboratively
