
Specialist – Cyber Security Operations

GHQ - Technology - CYBER SECURITY OPERATIONS
Bangalore
Job Description
AB InBev GCC was incorporated in 2014 as a strategic partner for Anheuser-Busch InBev. The center leverages the power of data and analytics to drive growth for critical business functions such as operations, finance, people, and technology. The teams are transforming Operations through Tech and Analytics.
Do You Dream Big?
We Need You.

Job Description

Job Title: Specialist – Cyber Security Operations
Location: Bengaluru
Reporting to: Senior Manager - Cyber Security Operations

1. Purpose of the role

Do you want to join the world's largest brewer? We at AB-InBev have a fantastic opportunity for you to work as a cyber threat hunter and join a growing team of top professionals who invest time and effort in protecting AB-InBev from sophisticated threats. We're constantly improving, advancing, and adopting new trends, new skills, and new expertise, giving our employees endless opportunities for professional development. You'll be expected to work within a team of incident responders operating in a 24x7 shift model, with deep knowledge of investigating security alerts and processing responses to alerts generated by cyber security systems within defined timelines.

2. Key tasks & accountabilities

  • Work in a team of cyber security incident responders monitoring, responding to, and processing responses for security alerts triggered by SOC tools deployed across on-premises and cloud environments (EDR, IDS/IPS, web proxy, SIEM, phishing analysis, etc.) and by cloud security platforms such as MS Defender for Cloud, AWS GuardDuty, Orca Security, etc.
  • Monitor threats and new attack techniques being disclosed in the wild.
  • Investigate events to determine whether they are true positives or false positives.
  • Create an incident storyline based on the investigation; identify and communicate the required remediation steps for all security alerts/incidents.
  • Correlate different log sources to collect the evidence required to understand the impact and advise on response actions.
  • Completely own the incident until all response actions are completed and documented in case records.
  • Adhere to the SLAs and operational practices during a 24x7 shift schedule.
  • Follow the shift routine: regular updates to incidents, follow-up with vendors and AB InBev Zone Security contacts, and shift handover.
  • Work closely with the in-house automation and data science team to automate repeated tasks.
  • Participate in projects to improve security monitoring toolkits as well as to improve defensive controls.
  • Act as incident commander during critical incidents. Act quickly to identify potential kill switches and containment measures. Post containment, prepare the incident report and share it with the required stakeholders.
  • Create incident response SOPs and runbooks as and when needed.
  • Seek opportunities to drive efficiencies and collaborate with other technology teams within and outside the SOC (e.g. NOC, Infra, automation, Cloud Ops, etc.).
  • Work closely with the engineering team to aid in the enhancement of contextual analysis and to provide threat hunting support.

Business Environment

  • Flexibility to work in a 24x7 support environment.
  • Proficient in threat hunting techniques (endpoint and network data analysis).
  • Knowledge of Operational Technology (OT) devices and protocols.
  • Effective interpersonal, team building and communication skills.
  • Good oral and written communication skills.
  • Ability to communicate complex technology to a non-technical audience in a simple and precise manner.
  • Ownership skills.
  • Effectively collaborates and communicates with stakeholders and ensures client satisfaction.
  • Ability to learn quickly while working outside the area of expertise.
  • Good knowledge of security standards and best practices.
  • Understanding of various operating systems.
  • Familiarity with the Cyber Kill Chain and demonstrable analytical skills.
Job Requirement
3. Qualifications, Experience, Skills

  • Bachelor's degree, preferably in Computer Science or Information Systems, and/or equivalent formal training or work experience.
  • 4+ years of experience in a technical role in the areas of incident response, CSIRT and SOC operations.
  • Experience with more than one EDR, SIEM, and log analysis tool and technique.
  • Experience with cloud-native security solutions such as MS Defender for Cloud, AWS GuardDuty, GCP Security Command Center, etc., and commercial tools such as Orca, Wiz, etc.
  • Experience handling critical incidents, with a strong ability to use data points to sketch a story.
  • Ability to identify and communicate remediation steps for cyber security events while considering architecture, infrastructure and system limitations.
  • Ability to recognize potential intrusion attempts and compromises through analysis of relevant event logs.
  • Good knowledge of operating system internals (Windows, Linux/UNIX and macOS) and networking concepts.
  • Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
  • Nice to have: security certifications such as CEH, CHFI, CompTIA Security+, etc.
  • Strong experience in cyber security alert response practices and critical incident handling procedures.
  • Advanced knowledge of operating system internals (Windows and Linux/UNIX) and networking protocols.
  • A demonstrated passion for cyber security.

Competencies:

  • Familiarity with offensive strategies and attack vectors.
  • Ability to effectively work in a global team across a complex, geographically dispersed organization.
  • Good understanding of common threat analysis models such as the Cyber Kill Chain and MITRE ATT&CK.


And above all of this, an undying love for beer!
We dream big to create a future with more cheers.