Infosec Specialist - Digital Security Operations
Description:
CARL ZEISS
Carl Zeiss AG branded as ZEISS, is a German manufacturer of optical systems and optoelectronics, founded in Jena, Germany in 1846 by optician Carl Zeiss.
ZEISS is headquartered in Oberkochen, Germany and enjoys a global presence and rich heritage of being in business for more than 170 years.
ZEISS today operates in the following businesses:
• Semiconductor Manufacturing Technology
• Industrial Quality & Research
• Medical Technology
• Consumer Markets
We are located today internationally in almost 50 countries and have 25 research & development sites, 60 sales & services locations and 30 production sites.
In India, ZEISS is headquartered in Bangalore and has been present in India for 20+ years with an employee strength 1000+ has been one of the Top 10 markets of ZEISS. We have all the above Business Groups & 3 Global Centers in India. The global centers include:
- Global IT center
- Global R&D Center
- Global Production and Assembly Facility
Our R&D and IT teams have seen tremendous growth in the last couple of years with some exciting projects in hand which provide global exposure via global stakeholders while working with one of the best German companies in the world.
In India, other than Bangalore we have a production unit in Delhi and offices in Delhi, Mumbai, Kolkata, etc.
MANDATORY:
To know more about ZEISS and to understand the careers that ZEISS offers we urge you to please log onto our careers page to see the careers ZEISS offers and read our employees stories which will give you insights of the work, culture and careers offered
We would like to mention ZEISS does not offer you a job it offers you a career full of learning, global experience and exposure and challenging work and a chance to not be a part of the process but to manage and experience the entire process end to end.
You can also go through our LinkedIn page:
Job description
As a member of the Infosec advisory team, Infosec Specialist - Digital Security Operations is primarily responsible for Implementing, executing, and continuing to evolve the incident management activities as required by business. In this role, he/she will closely work with business teams to understand security monitoring usecase requirements and onboard them to SOC Monitoring.
Roles and Responsibilities
Responsible to improvise Threat/Risk detection abilities for Digital products (Business applications).
Closely work with business security stakeholders to understand security monitoring usecase requirements and onboard them to SOC monitoring.
Guide the Usecase development team with Rule logic ideas and perform frequent assessment of the rules to understand the monitoring gaps.
Closely work with SOC manager and business security stakeholders to develop an effective security incident response for the digital products and define the roles and responsibilities accordingly.
Maintain track of high level usecase mapping to Business security usecases.
Keep track of the deliverables and communicate to senior management.
Maintain necessary documentation of the Usecases.
Provide technical directions for SOC in analyzing alerts and response activities, and interface with CERT team on Incident triage activities.
Role Requirements
Experience
Must have a minimum of 8 years of experience in Information Technology with at least 3 of these years specifically focused on the domain of Information Security, particularly in regards to application security.
Process and Technical/Technology Skills
Proficient in engaging with high-level management stakeholders across all levels and business divisions and, comprehending the needs of the business.
Extensive understanding of WAF and security testing tools like Burpsuite, Owasp-Zap, OpenVAS, Acunetix, Immuniweb, Nikto, Nmap/Zenmap, Metasploit …
Profound knowledge of common security vulnerabilities as outlined in OWASP Top 10, WASC TCv2 and CWE TOP 25 along with understanding their corresponding remediation techniques.
Proficient in understanding application-level attacks like Cross Site Scripting, CSRF, Session Hijacking, SQL injection, Privilege escalation, Authorization Bypass, Weak Cryptography, Authentication flaws, etc.
Good knowledge on Threat Modeling, Cyber kill chain methodology, Mitre Framework.
knowledge on Usecase development in SIEM and good understanding on custom parsers and Log integration.
Knowledge in firewalls, IDS/IPS, Anti-Virus, EDR, Proxy, DNS, AD, etc. and security infrastructure.
Knowledge and understanding of windows, Linux, networking concepts and security infrastructure (firewalls, IDS/IPS etc).
Experience/Knowledge in Security Operations and dealing with cyber incidents.
Knowledge in cloud platforms (e.g., Azure, AWS, Google Cloud), cloud security principles and Security Infrastructure.
knowledge in Information Security policies, procedures, standards, best practices, and guidelines, and understanding of security governance, risk, and compliance.
Knowledge and understanding of project management methodologies, processes, and tools.
Having proficiency in a scripting language, like Python or Shell Script, would be an added advantage.
Other skills
Strong analytical skills and ability to solve complex technical problems with high attention to detail and accuracy.
Strong team player and ability to work in a challenging and constantly changing environment.
Professional attitude, able to communicate and interact with individuals at all levels.
Excellent communication skills, both written and verbal
Proficiency in planning, reporting, establishing goals and objectives, priorities, and schedules.
Education
Bachelor's degree in a subject related to IT or a related field, or equivalent demonstrated experience.
Certifications: Having certifications such as GPEN, PenTest+, OSCP, OSWE, OSCE, or any specialized training in application security from reputable institutes would be advantageous.