
Cyber Security - Insider Risk Technical Engineer @ Augusta Infotech


Job Description

  • The successful candidate will be experienced in security operations, understanding the importance of data loss controls, insider risk policies and automated security actions, how these protect sensitive business data, and how they can enhance an analyst's response to events. This is a critical role expected to build and maintain our data loss and insider risk controls portfolio and help mature our monitoring and response processes.
  • The successful candidate will be comfortable working at a technical level, proactively suggesting, designing, and implementing data loss policies and improvements to the existing controls whilst also being able to prioritise backlog engineering work (mainly sourced from our false positive detection). They will also demonstrate implementing integrations of data loss and insider risk tools with SIEM and SOAR platforms, understand insider risk analysts' workloads, and have experience in simplifying and automating security actions.
  • The role will be supported by a strong security leadership team who are keen to develop our controls, underpinned by our investment in leading security tooling. Our leadership team will be looking to this role to significantly decrease our time to respond and reduce false positives, both key KPIs for us.

Key Responsibilities
  • Ensure data loss controls are kept up to date, analysing and utilising new tools features as they are released
  • Research and propose the data loss controls for various channels
  • Engineer and implement the data loss controls to support protecting data
  • Focus on integrations with SIEM and SOAR solutions to gain visibility of controls and to design automation
  • Working as part of a global insider risk team to deliver solutions to reduce manual dependencies on the workload
  • Proactively identify the policy fine tuning opportunities from Business As Usual (BAU) activities
  • Focus on quick wins that can immediately help free up analyst time
  • Create regular workshops to obtain suggestions and demonstrate improvements, and provide regular training to the team on newly implemented controls
  • Ensure our security controls are integrated with each other, sharing information rather than operating as siloed controls
  • Working with other security teams to look at how we can use their data to enhance our own monitoring

Experience and Qualifications
Experience and strong understanding of frontline security operations
Experience in designing and implementing data loss controls in industry-known tools (e.g. Microsoft Purview, Proofpoint)
Competent in the scripting languages required for automation, e.g. KQL, Regex, PowerShell, Python, etc.
Experience in working on integrations with SIEM platforms and workflows on SOAR platforms
Reporting ability, with an understanding of how to tailor reports to show capacity and efficiency improvements
Understanding of how business data can be exfiltrated outside the enterprise, flow between technologies and be manipulated to provide useful security information.
Experience in Microsoft Purview, Compliance Manager and Security Manager
Strong communication skills with evidence of being in a position responsible for taking feedback from technical teams and turning this into improvements.
Banking or Finance industry related experience desirable
Data Loss tools certifications preferred

Soft skills
Analytical skills
Challenge the current processes
Team player
Time management

Your skills and experience
At least 3 years of experience working in a SOC or Incident Response position.
At least 1 year of experience in Microsoft Compliance Manager
Knowledge of or experience working with security (SIEM, DLP, SOAR)
Experience explaining the risk of security threats and creating mitigations.
Experience of general IT infrastructure technologies and principles.
Understanding of the underlying protocols including HTTP, HTTPS, SMTP.
Understanding of Networking Architecture (OSI Model).
Experience using data science or advanced analytical tools to solve security incidents.
Programming experience (PowerShell, RegEx)

Nice to have
Experience dealing with security incidents using the NIST and MITRE ATT&CK frameworks.
Nice to Have Certifications - Microsoft SC400, SC900, Security+, GCIH, GCFA, GMON, GNFA, SSCP, OSCP
Experience in ServiceNow Security Operations Module

Required Skills and Experience
Industry: IT/Computers-Software
Role: Cyber Security - Insider Risk Technical Engineer
Key Skills: KQL, DLP, Microsoft Security, SOAR, McAfee, Networking Architecture, Microsoft Purview, SC400, Microsoft SC400, NIST, SC900, Microsoft Purview Compliance Manager, Symantec Endpoint Protection
Education: B.Sc/B.Com/M.Sc/MCA/B.E/B.Tech

Job Classification

Industry: IT Services & Consulting
Functional Area / Department: IT & Information Security
Role Category: IT Security
Role: Cyber Security
Employment Type: Full time

Contact Details:

Company: Augusta Infotech
Location(s): Bengaluru



Keyskills:   SMTP Automation Networking Powershell SOC Analytical HTTP microsoft Monitoring Python


₹ Not Disclosed


Augusta Infotech

Augusta Infotech is a leading Executive Search and Recruitment service provider for IT and Non-IT staffing needs. We have been part of talent acquisition teams with several corporate organizations for the past two decades as an internal stakeholder and as a service provider. Es...