KEY ACCOUNTABILITIES
Monitor and investigate cyber security events
- Monitor SIEM and other tools for potential threats, intrusions, or compromises
- Demonstrate ability to work in 24x7 facility in rotating shifts.
- Thorough knowledge of and adequate experience with Security Information and Event Management (SIEM) systems and SOAR technologies.
- Good understanding of networking fundamentals and protocols.
- Good understanding of cyber security principles and the MITRE ATT&CK framework.
- Deep understanding of phishing tactics and Windows endpoint investigation.
- Analyze malware in a sandbox environment to understand impact
- Achieve the defined containment-time SLA.
- Escalate cybersecurity events according to the General Mills Cybersecurity Incident Response Plan and follow the escalation path.
- Quick learner, good analytical skills and action oriented.
- Agility in incident response.
Maintain quality and consistency
- Perform peer review of events as part of audit requirements.
- Participate in process streamlining projects.
- Participate in detection fine-tuning.
- Make timely, high-quality decisions.
- Collaborate across Cyber and different functional verticals.
- Create better solutions through tireless curiosity and innovation stretching beyond your area of expertise.
Must-have Technical Skills and Experience
- Demonstrate ability to work in a 24x7 facility in rotating shifts.
- Demonstrated ability to get things done both independently and in a collaborative, team-oriented environment.
- Understanding of networks, network security (IDS/IPS/Firewall etc.), SIEM, SOAR and Endpoint detection and response (EDR).
- Hands-on experience with incident response processes and tools to detect, analyze, respond to, and contain cyber security threats quickly and correctly.
- Understanding of forensic techniques used to analyze threats (including malware) and to extract key indicators of attack and compromise.
- Knowledge of tools and techniques used by attackers to gain unauthorized access to systems.
- Good understanding of cyber security principles and the MITRE ATT&CK framework.
- Deep understanding of phishing tactics and Windows endpoint investigation.
- Analyze malware in a sandbox environment to understand impact
MINIMUM QUALIFICATIONS
- Education: Full-time graduation from an accredited university (Mandatory. Note: This is the minimum education criterion and cannot be altered.)
- Related work experience: 2 to 4 years.
- Technologies: SIEM knowledge, networking protocols, cyber security principles.
- Good communication skills.
PREFERRED QUALIFICATIONS
- Certifications such as Certified Ethical Hacker (CEH), CompTIA Cybersecurity Analyst (CySA+), or EC-Council Certified Incident Handler (ECIH).