You will be an integral part of our Information Security team, responsible for ensuring the real-time monitoring and security posture of the firm's cloud infrastructure across Azure, AWS, and GCP; You will perform investigation and escalation for complex or high severity security threats or incidents and handle and analyze security issues/threats in Azure/AWS/GCP cloud.
You will be acting as an escalation point for Tier I analysts and further analyzing events of interest.
You will ensure that all identified events are promptly validated and thoroughly investigated.
You will Collaborate with technical teams to identify, resolve, and mitigate events.
You will provide advice and guidance on the response action plans for information risk events and incidents based on incident type and severity.
You will assist with containment of threats and remediation of environment during or after an incident.
You will work with SIEM Engineering and other security partners developing and refining correlation rules and regularly develop new and interesting use cases for future SIEM logic.
You will deliver timely and detailed documentation related to any incident including the findings, review, and follow-up activities.
You will participate in the creation, modification and maintenance of all Cyber Monitoring policies and procedures and keep abreast of cyber security trends and the emerging threat landscape in general and as it relates to Client.