Senior Engineer - Security Operations
Accepting applications
Suntory Global Spirits · Gurgaon, Haryana, India
Full-Time Senior SOC
Estimated market salary
₹9-17 LPA
This is a SiliconBoard market estimate, not an employer-posted salary.
Posted
15 Jun
Category
Design
Experience
Senior
Country
India
What makes this a great opportunity?
Suntory Global Spirits is a world leader in premium spirits with $5.5 billion in annual revenues and an ambition to become the World’s Most Admired Premium Spirits Company. We have a strong vision and strategy, an incredible brand portfolio grounded in quality and craftsmanship, an unwavering commitment to sustainability and top talent across the organization. We are focused on driving value across key priorities including American whiskey, Japanese Spirits, Scotch, Tequila and Ready-to-Drink. Headquartered in New York City, Suntory Global Spirits is a subsidiary of Suntory Holdings, which is world renowned for delivering quality and excellence across a range of products and categories.
The Senior Engineer Security Operations is a supportive member of the Global Information Security team who monitors the SIEM platform, is in charge of incident management processes, and is responsible for ensuring that tools, software, and hardware are secured and protected from cyber-attacks and are operating efficiently.
Role Responsibilities
Effectively monitor and respond to all security events on a 24/7 basis in a global environment
Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress and documenting lessons learned
Serves as an escalation point in the incident handling process
Provide containment support when a security incident is detected to minimize the risk of lateral movement while engaging internal/external stakeholders
Support onboarding and maintenance of a wide variety of data sources to include various OS, appliance, and application logs
Create queries, dashboards, and visualizations to support the organization’s requirements and monitoring of the SIEM deployment
Support troubleshooting and remediation of issues as they arise with data ingestion and SOC infrastructure
Configure and manage Log Collectors as per vendor recommendation and best practices
Self-guided research to track threat actors of importance for security products and services using threat intelligence and threat intel protection technologies and take proactive actions
Deliver Day-to-day SOC services as per the defined processes and SLAs
Develop and maintain automation workflows to improve containment SLAs and end user experience
Serves as
Evaluate and update SOC policies and procedures as appropriate
Deliver required metrics and reporting for senior leadership and program management
Develop relationships with engineering, infrastructure, software engineering, legal and other team members to socialize and align on the emerging program initiatives
Working experience with security vendors and service providers, evaluating new security solutions and conducting POCs
Qualifications
Desired Skills and Experience
Preferably seven or more years’ experience in security operations and incident management, including DFIR
Experience working in a 24x7 operational environment, with geographic disparity preferred.
Experience with SIEM, EDR, XDR, SOAR, Threat Intel, Threat Intel Protection, Red Teaming and related Security technologies
Familiarity with different network, web application firewall, and identity and access management threat protection technologies
Solid knowledge of regular expressions and automation workflows
Understanding of data onboarding and ensuring appropriate time stamping and data parsing
Experience working with information security disciplines (e.g., incident response, security infrastructure management, or monitoring services)
Knowledge of cyber-attack stages, including reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation and covering tracks (MITRE, etc.)
Additional Qualifications:
Highly effective communicator with ability to influence business units.
Analytical and problem-solving mindset.
Leverages strategic and tactical thinking.
Works calmly under pressure and with tight deadlines.
Is highly trustworthy; leads by example.
Security certifications preferred