Incident Response Engineer responsible for incident detection and recovery at Kong. Collaborating with teams to enhance security processes and systems.
Responsibilities
Develop, document, and execute incident handling guides and processes for Kong
Prioritize events, using existing tools to correlate data, reduce false positives, and detect threats
Analyze and tune security alerts, interpret events, and create new detection signals based on signatures and behavioral patterns
Respond to security incidents and perform forensics on IT systems as necessary
Guide/lead mitigation strategies for identified vulnerabilities and threats
Design, automate and maintain a portfolio of security alerts, automated actions, and escalation workflows supporting a high-performing 24/7 incident response capability.
Conduct threat hunting activities, anticipate future threats, and maintain forward-thinking strategies for tools/technology/processes that combat sophisticated threat actors.
Assist with implementation of counter-measures or mitigating controls
Develop and maintain Incident Response capabilities in public cloud environments
Prepare incident reports of analysis methodology and results.
Recognize potential, successful, and unsuccessful intrusion attempts and compromises through thorough review and analysis of relevant event details and summary information
Partner with key stakeholders and communicate effectively to improve the feedback loop across preparation, identification, analysis, containment, and post-mortem activities
Develop monthly reporting dashboards and metrics on incidents and response capabilities
Prepare executive summaries and conduct briefings on significant investigations.
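The alert-tuning and signal-creation responsibilities above, as an added example that is not Kong's code or part of the original posting: a Panther-style Python detection rule (Panther is named in the requirements) that flags successful AWS Console logins without MFA, with an allowlist that suppresses a known false-positive source, evaluated over constructed CloudTrail events. The rule/title/severity function shape follows Panther's Python rule convention; the SSO role-name prefix and every sample event are constructed assumptions for the example.

```python
"""Added example (not Kong's own code): a Panther-style Python detection rule
that flags successful AWS Console logins without MFA, with an allowlist to
suppress a known false-positive source, run over constructed CloudTrail events.
Panther calls rule(event) per log event and title()/severity() when it returns
True; the sample events and the SSO allowlist below are constructed."""

# Tuning: role-name prefixes whose MFA is enforced by the identity provider, so
# CloudTrail reports MFAUsed=No although a second factor was used upstream.
# Constructed value; a real deployment would load it from a managed list.
SSO_ROLE_PREFIXES = ("AWSReservedSSO_",)


def _assumed_role_name(arn):
    """Return the role name from an STS assumed-role ARN, else ''."""
    if "assumed-role/" not in arn:
        return ""
    return arn.split("assumed-role/", 1)[1].split("/", 1)[0]


def rule(event):
    """True for a successful ConsoleLogin without MFA, unless the caller is an
    allowlisted SSO role (false-positive suppression)."""
    if event.get("eventName") != "ConsoleLogin":
        return False
    if event.get("responseElements", {}).get("ConsoleLogin") != "Success":
        return False
    if event.get("additionalEventData", {}).get("MFAUsed") == "Yes":
        return False
    role = _assumed_role_name(event.get("userIdentity", {}).get("arn", ""))
    return not role.startswith(SSO_ROLE_PREFIXES)


def severity(event):
    """Root console access without MFA is critical; IAM users are HIGH."""
    if event.get("userIdentity", {}).get("type") == "Root":
        return "CRITICAL"
    return "HIGH"


def title(event):
    """Alert title carrying the principal and source IP for triage."""
    ident = event.get("userIdentity", {})
    return "Console login without MFA by {} from {}".format(
        ident.get("arn", "unknown"), event.get("sourceIPAddress", "unknown"))


def _login(arn, ident_type, outcome="Success", mfa="No", ip="198.51.100.7"):
    """Build a minimal constructed CloudTrail ConsoleLogin event."""
    return {
        "eventName": "ConsoleLogin",
        "userIdentity": {"type": ident_type, "arn": arn},
        "responseElements": {"ConsoleLogin": outcome},
        "additionalEventData": {"MFAUsed": mfa},
        "sourceIPAddress": ip,
    }


# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    _login("arn:aws:iam::123456789012:user/alice", "IAMUser"),            # alert, HIGH
    _login("arn:aws:iam::123456789012:root", "Root"),                     # alert, CRITICAL
    _login("arn:aws:iam::123456789012:user/bob", "IAMUser", mfa="Yes"),   # MFA used: no alert
    _login("arn:aws:sts::123456789012:assumed-role/AWSReservedSSO_Admin_ab12/carol@example.com",
           "AssumedRole"),                                                # allowlisted: no alert
    _login("arn:aws:iam::123456789012:user/dave", "IAMUser",
           outcome="Failure"),                                            # failed login: no alert
]


def run(events):
    """Evaluate the rule over events; return (severity, title) per alert."""
    return [(severity(e), title(e)) for e in events if rule(e)]


if __name__ == "__main__":
    for sev, msg in run(SAMPLE_EVENTS):
        print(sev, msg)
```

The allowlist is the tuning step: it is narrow (a role-name prefix, not a whole account) so that suppressing the SSO false positive does not also hide an IAM user or the root account logging in without a second factor.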
Requirements
Experience in crisis management, in particular preventing incidents from escalating into a crisis
Ability to treat incidents as opportunities, using them to drive innovation, situational awareness, and fixes
Passion for automation, delegation, and scalability via playbooks and highly effective processes
Drive for automating processes and workflows to detect, contain and eliminate active malicious agents
Expertise in building and operating security information and event management (SIEM) systems, centralized logging, and enrichment solutions (endpoint protection/detection, Panther, CrowdStrike, AWS Security Hub, codebase infrastructure, build infrastructure)
Practical experience working with cloud technologies; ability to build and deploy a solution using Terraform.
Experience with building and deploying solutions (Ansible, Terraform)
Competency in Linux and Windows
Ability to automate workflows in Python or JavaScript