Sr Specialist - Cyber Security Operation

Location

Greater Kolkata Area

JobType

full-time

About the job

About the role

AB InBev APAC

Website: ab-inbev.cn
Job details:
Dreaming big is in our DNA. It’s who we are as a company. It’s our culture. It’s our heritage. And more than ever, it’s our future. A future where we’re always looking forward. Always serving up new ways to meet life’s moments. A future where we keep dreaming bigger. We look for people with passion, talent, and curiosity, and provide them with the teammates, resources and opportunities to unleash their full potential. The power we create together – when we combine your strengths with ours – is unstoppable. Are you ready to join a team that dreams as big as you do?

Job Title: Senior Specialist – Cyber Security operations

Location: Bangalore (Onsite)

Reporting to: Sr. Manager – Cyber Security operations

PURPOSE OF ROLE

Do you want to join the world's largest brewer? We at AB-InBev have a fantastic opportunity for you to work as a Cyber threat hunter and join a growing team of top professionals who invest time and effort in protecting AB-InBev from the most sophisticated threats. We're constantly improving, advancing, and adopting new trends, new skills, and new expertise, giving our employees endless opportunities for professional development. As a part of the threat hunting team, you'll be expected to bring deep knowledge of security processes and procedures, best practices, and offensive tactics to perform in-depth advanced log, system, and process analytics to pursue and prove or disprove hypotheses relating to malicious activity. The role supports and brings additional value to the Security Operations Centre and incident response capability by highlighting suspicious correlations between incidents or events that may lead to or reveal advanced threats. Your role also extends support to our monitoring team, providing 24*7 support in Cyber Security Operations in case of a critical incident or crisis.

Key Tasks And Accountabilities

  • Proactively and iteratively hunt on large data sets to isolate and remediate threats associated with advanced threat actors and threats that evade automated security solutions, in both on-premise and cloud environments.
  • Conduct in-depth analysis of malware behavior, network traffic, endpoint artifacts, and logs.
  • Develop and document detection use case content by correlating security event telemetry.
  • Own and maintain the threat hunting roadmap to fill in any detection gaps based on the MITRE ATT&CK and ATLAS frameworks.
  • Work closely with the Automation and Orchestration team to transform detection use cases into security alerts.
  • Use case management: conduct regular reviews of existing use cases; enhance and optimize detection logic to produce the most effective detections with few or no false positives.
  • Develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc.
  • Collaborate with the threat intelligence team to identify leads for threat hunting activities.
  • Work closely with the SIEM admin team, advise on onboarding new security log sources, and help maintain good log hygiene.
  • Present threat briefings and tactical/strategic reports to leadership.
  • Serve as an escalation point for SOC Analysts during critical incidents: perform in-depth analysis, triage threat activity based on host and network activity and traffic to identify infection vectors and the extent of the infection, and prepare high-quality reports based on findings.
  • Work with internal threat intel, offensive and defensive security teams in executing internal operations and mitigating identified risks.
  • Work closely with internal threat intel, offensive and defensive security teams to mitigate the risks identified in internal operations.

Qualifications, Experience, Skills

Education:

Bachelor's degree, preferably in Computer Science or Information Systems, and/or equivalent formal training or work experience.

Experience:

5+ years of experience in Cyber threat hunting, Incident response, CSIRT and SOC Operations.

Technical/Functional Skills:

  • Deep understanding of attacker TTPs including MITRE ATT&CK, the cyber kill chain, and APT behaviors – Expert
  • Ability to create custom signatures, detection logic, and hunt analytics with the available tool stack for both on-prem and cloud environments – Expert
  • Hands-on experience with commercial Cyber tools (EDR, SIEM, CDR, Web Proxy, etc.) – Advanced
  • Native Windows and cloud security tools (Windows Sysinternals, MS Defender, AWS GuardDuty, etc.) – Advanced
  • Knowledge of operating systems (Windows, Linux, macOS) – Advanced

Mandatory Skills:

  • Security event analysis and Cyber Incident response, with a strong ability to use data points to sketch a story – Expert
  • Identifying and correlating threat actor TTPs across datasets – Expert
  • Strong analytical and problem-solving skills – Advanced
  • Mentoring junior analysts / leading teams – Advanced
  • Stakeholder communication – Expert

Preferred (Good to have) Skills:

  • Certifications – GCIH, GCFA, CCTHP, or similar
  • Working knowledge of SentinelOne EDR and SDL

And above all of this, an undying love for beer!

We dream big to create a future with more cheers. Click on Apply to know more.

Skills

SIEM
AWS
incident response
Linux
proxy