Lead Cyber Defense Center Analyst

This role requires a 5-day workweek with 2 days off. Workdays rotate every 4 months to ensure weekend coverage, but shift timings remain constant.

Shift Timing: 5:30 AM IST - 3:00 PM IST

PURPOSE AND SCOPE:

India Cybersecurity Operation Center will assist in 24x7 Cyber Security Intrusion Monitoring and Event/Incident Response. Working with multiple IT Operations teams and members of the Information Security office, they will perform day-to-day security functions and investigations including more advanced analysis of threat intelligence and the security posture of systems. Manages and oversees systems to protect data from unauthorized access. Creates and implements policies and procedures for identifying, recording, and addressing security violations. Evaluates security systems and applications and suggests enhancements. Additional duties include gathering metrics and key performance indicators (KPI's) and other security related tasks.

PRINCIPAL DUTIES AND RESPONSIBILITIES:

• Responsible for working in a global 24x7 Cybersecurity Operation Center (SOC). Perform real-time alert monitoring and service / respond to the ticket management queue. Provide Incident Response (IR) support when analysis confirms actionable incidents.
• Provide threat and vulnerability analysis with recommendations. Analyze and respond to previously undisclosed software and hardware vulnerabilities.
• Supervise the design and execution of cyber threat intelligence, penetration tests, phishing exercises and security audits. Reviews threat intelligence sources for relevant data and takes the necessary actions aid in mitigating the threat to the environment, as defined by policy and procedures.
• Understand and ensure compliance with current and applicable US laws and regulations that affect medical device cybersecurity.
• Utilize established procedures to perform routine assigned tasks including performing, tracking, and reporting on daily Security Operations Center (SOC) compliance operations and heath monitoring systems.
• Support the creation and delivery of security awareness training programs and phishing exercises, helping employees recognize and respond to cyber threats.
• Help in creating automation use cases, reviewing potential automation tasks and guiding the team in achieving effective automation.
• Refine security monitoring tools and enhance incident detection and response strategies.
• Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Lead the team with clear deliverables, goals/objectives, feedback, coaching, and planning.
• Participate in security projects collaborating with stakeholders as needed.
• Prepare reports on security incidents and trends, providing analysis and recommendations for mitigating future risks.
• Reviews and comply with the Code of Business Conduct and all applicable company policies and procedures, local, state and federal laws and regulations.
• Participate in daily shift hand over meetings, weekly reporting meetings and monthly performance analysis meetings to ensure smooth functioning and continuity of incident and alert handling.

PHYSICAL DEMANDS AND WORKING CONDITIONS:

• The physical demands and work environmental characteristics described here are representative of those an employee encounters while performing the essential functions of this job.  Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

SUPERVISION:

• May be responsible for the direct supervision of various levels of Cybersecurity staff.

EDUCATION:

Minimum

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field

EXPERIENCE AND REQUIRED SKILLS:  

• 10+ years of work experience in cybersecurity or IT administration roles

• Basic understanding of computer security concepts including Identity & Access Management, Network Security, Application Security
• Prior Incident Management experience and familiarity with security tools and frameworks (e.g., SIEM, firewalls, vulnerability scanners) will be necessary
• Experience with Attack Surface Management including Vulnerability Management and Threat Intelligence Analysis and Mitigation.
• Experience with Penetration testing and Security Automation platforms and technologies will be added benefit.
• Relevant certifications such as CompTIA Security+, CISSP, or Certified Ethical Hacker are preferred.
• Effective communication skills (both written and verbal) and be able to contribute to the development and delivery of documents such as incident reports.