Job Purpose (Job Summary): The Team Lead role is accountable for identifying, declaring, and managing high-priority cyber-security incidents, including managing actions required for containment, eradication, and recovery. The Team Lead manages a team of 2-6 analysts and conducts basic forensic analysis, physical/virtual evidence captures, and chain of custody management. The Team Lead also oversees external Incident Response partner assistance with forensics and incident response for major cyber incidents.

Key Responsibilities / Duties:
Take action on alerts, events, and incidents escalated from the Level 1 & 2 Analysts
Act as a lead for the shift and technical subject matter expert
Motivate and coach direct reports on day-to-day tasks
Triage malware incidents, their priority and the need for escalation
Monitor for emerging threat patterns and vulnerabilities
Assist with recommendations and workarounds
Coordinate with other external stakeholders
Communicate with management on incident updates
Able to own the training plan and continual process improvement for the analyst team
Able to own the incident management lifecycle and instruct others on its workflow
Establish and maintain intrusion detection and policies and offense rules
Tune response and alerting mechanisms
Import new signatures from manufacturer
Provide status reports to applicable management
Have a thorough understanding of technological requirements for client systems and provide guidelines to effectively mitigate security risks
Analyze and assess firewall policy and rule base sets
Handle emergencies 24×7
Other duties as assigned

Working Conditions: Normal office environment with little exposure to noise, dust and temperatures. The ability to lift, carry or otherwise move objects of up to 10 pounds is also necessary. Normally works a regular schedule of hours; however, hours may vary depending upon the project or assignment. Hours may include evenings and/or weekends and may include 24-hour-a-day on-call support by pager and/or cell phone. Willingness to travel both domestically and internationally. Frequency and duration to be determined by manager.
Salary: Not Disclosed by Recruiter
Industry: Banking / Financial Services / Broking
Functional Area: IT Software – Network Administration, Security
Role Category: Programming & Design
Role: Team Lead/Technical Lead
Employment Type: Permanent Job, Full Time
Desired Candidate Profile:
Work Experience / Knowledge: Minimum of 4 years as an enterprise architect, or similar experience, with at least 3 years in the financial services vertical.

Skills / Other Personal Attributes Required:
Experience working within a SOC environment
Ability to lead a group of 2-6 Level 2 Analysts
Prior experience of network analysis tools, scripting languages, software vulnerabilities, exploits and malware
Prior experience of network traffic analysis for identifying any developing patterns
Ability to assume leadership role on an ad-hoc basis for managing Level 1 Analysts
Experience of working in a high-volume and result-oriented operational environment
Ability to read and understand system data including security event logs, system logs, application logs, device logs, etc.
Possess solid understanding of enterprise-grade technologies including operating systems, databases and web applications and applicable monitoring tools (e.g. SIEM, DLP, Internet filtering/blocking, IDS/IPS, firewalls, anti-virus, encryption technologies)
Demonstrated network traffic analysis capabilities for identifying any emerging patterns
Network infrastructure knowledge
Security configuration knowledge
Must be willing and able to perform 24×7 on-call duties as needed
Proficient operational understanding of how to ascertain, validate, and employ data from sources that are generally available to the public
Fluent in the techniques that actors utilize to attack an organization and understand how to pull information from large data sets and how to structure information for reuse
Proficient knowledge of collection and analysis methods as well as knowledge in multiple tools utilized for data correlation
Ability to communicate technical information assertively, clearly and concisely, verbally as well as in writing, commensurate with the audience
Maintain strict confidentiality of all security issues
Must be assertive, methodical and detail oriented
Ability to multi-task and work on more than one initiative at a time
Flexible; able to meet changing requirements and priorities
Maintain current knowledge for all applicable technical areas

Formal Education: (minimum requirement to perform job duties) A Bachelor's Degree in Management Information Systems or Computer Science is preferred, or commensurate relevant work experience

License/Registration/Certification: (minimum requirement to perform job duties) GIAC Certified Incident Handler (GCIH) or CISSP in good standing
Education: UG – B.Tech/B.E. – Computers
PG – M.Tech – Computers
Invesco (Hyderabad) Pvt Ltd
Invesco Ltd. is a leading independent global investment management firm, dedicated to helping investors worldwide achieve their financial objectives. By delivering the combined power of our distinctive investment management capabilities, Invesco provides a wide range of investment strategies and vehicles to our clients around the world. Operating in more than 20 countries, the firm is listed on the New York Stock Exchange under the symbol IVZ.
Contact Company: Invesco (Hyderabad) Pvt Ltd