At Broadridge, we've built a culture where the highest goal is to empower others to accomplish more. If you're passionate about developing your career, while helping others along the way, come join the Broadridge team.
Job Description
Broadridge India is hiring a Cloud Security Incident Response, Senior Analyst.
The successful candidate will take ownership of security incidents and work with Broadridge Information Security teams, Technology teams, and Business representatives to ensure appropriate containment, response, and remediation is carried out. If you're looking to join a growing and dynamic team and have a real passion for Information Security, we encourage you to read below!
Responsibilities
Improve Cloud security posture by driving incident response, application vulnerability management program execution, effectively communicating security risks, and developing meaningful action plans and tracking issues to resolution.
Maintain and improve the Cloud security control framework in support of corporate-wide programs.
Work towards enhancing the Cloud (AWS/Azure) security posture, which includes risk identification and mitigation.
Familiarity with API design and API gateways.
Demonstrated ability to develop CI/CD pipelines with Jenkins and Git; experience writing infrastructure as code in Terraform.
Work towards enhancing the Cloud (AWS/Azure) security posture, which includes risk identification and mitigation, reviewing JSON policies, etc.
Conduct assessments of security controls for new and existing cloud systems.
Collaborate with other CF Industries IT stakeholders to continue to evolve and implement a state-of-the-art secure cloud infrastructure.
Ownership of moderate to complex incidents that tie to a Financial Services Technology business.
Responsible for detecting and responding to security incidents, coordinating cross-functional teams to mitigate and eradicate threats, and conducting response actions to detect, contain, and remediate identified security incidents.
Coordinate containment, response, and recovery efforts in accordance with documented procedures.
Responsible for handling security incidents reported by vendors, governing bodies, or external security researchers.
Research and consume threat intelligence and develop security telemetry/detection content to improve visibility and detection of potential adversaries and persistence mechanisms.
Create and maintain well documented and tested security incident management procedures and run books aligning with industry standard methodologies.
Develop and share RCA (Root Cause Analysis) reports to support program development, growth, and continued alignment with threats and threat actors.
Provide periodic progress reports and updates to management for ongoing security incidents.
Lead Security Incident Tabletop test exercises and perform lessons learned exercises across various internal stakeholders.
Conduct advanced threat hunting operations using known adversary tactics, techniques, and procedures to detect adversaries with persistent access to the enterprise; identify and prevent and/or investigate suspicious events through event, pattern, correlation, and behavioral analysis of data from a range of systems and applications.
Cultivate awareness and strategic partnerships to ensure timely incident response.
Work collaboratively in a follow-the-sun team model.
Qualifications
Bachelor of Science degree required. Computer Science or Computer Security Degree preferred.
4+ years' experience in information security incident response and management.
Excellent problem-solving and analytical skills.
Strong verbal and written communication skills; able to present information in clear, concise terms to all levels in the organization, as well as business partners, vendors, and technical staff.
Capable of performing reverse engineering and exploit analysis.
Certifications preferred: AWS Certified Security Specialty or CCSP, GCIH, ECIH.
Experience with handling security incidents and investigations in AWS cloud environments.
Experience working with AWS native technologies such as AWS VPC, WAF, GuardDuty, Macie, Inspector, S3, CloudTrail, CloudWatch, and IAM.
Experience working with Microsoft Defender and investigating security concerns through advanced threat hunting with KQL.
Familiarity with security tools and data types used to hunt and investigate security incidents, such as EDR, AV, firewall, and IDS solutions, as well as SIEM/Splunk or other data/log analysis platforms.
Command-line scripting or some coding proficiency (e.g., shell, Python, etc.) to support digital forensics and incident response investigations.
Familiarity with MITRE ATT&CK and the Cyber Kill Chain is a plus.
Ability to work on a team or independently with minimal supervision to meet project milestones and deadlines.
Familiarity with the following government publications is a plus: National Cyber Incident Response Plan; NIST SP 800-61, Computer Security Incident Handling Guide; NIST SP 800-86, Guide to Applying Forensic Techniques to Incident Response; NIST SP 800-94, Guide to Intrusion Detection and Prevention Systems (IDPS); NIST SP 800-184, Guide for Cybersecurity Event Recovery.