Cybersecurity Operations Analyst - Chennai, India - KONE

    KONE
    Full time
    Description

    KONE Cybersecurity is an organization of experts responsible for developing and managing cybersecurity in KONE operations globally. As a Cybersecurity Analyst, you will join us in protecting KONE IT, IoT and OT infrastructure (including networks, hardware, software, and applications) from a range of criminal activities.

    Within the KONE Technology & Innovation unit, we have a dedicated Cybersecurity team for assuring the security of KONE's products and solutions as well as applications used by KONE's business lines.

    We are looking for

    Cybersecurity Operations Analyst

    We are looking for a new team member, with suitable experience and most importantly a great mindset.

    The Cybersecurity Operations Analyst will be responsible for performing L2 security investigations of security incidents at KONE, and for the development and operational activities pertaining to them. You should be able to act on and react to security incidents escalated from the L1 Security Operations Team. You will also be responsible for overseeing SOC monitoring capabilities to improve efficiency and ensure our environment is secured. The team's mission is to react to potential threats in the KONE environment, analyse the severity and scope of the issue, and work with the Cybersecurity Incident Management and Response Team to contain, mitigate and remediate the issue. In addition, the team is responsible for providing ideas to constantly improve the monitoring and detection capability.

    The position is based in Chennai, India.

    Job Responsibilities:

  • Responsible for investigating and analysing the root cause of security incidents, and for performing triage, incident management, incident response and remediation of security incidents in a timely manner without causing impact for KONE.
  • Should be able to lead the L1 Operations team towards the OKRs set by the Cybersecurity Operations Manager.
  • Should be able to think proactively to minimize the risk caused by security incidents and come up with improvements and automations to reduce manual tasks.
  • Support in the creation of operational documents (such as use cases, play/runbooks and training materials) on incident response, and ensure regular updating of these documents.

  • Should be able to perform threat hunting and detection engineering to find monitoring gaps and propose possible detection use cases to address those gaps.
  • Collaborate daily with the SOC team, KONE internal stakeholders and support teams on security investigations, and lead major security incidents in KONE.
  • Support in the creation of various metrics, reporting and reviews of incident progress to the Operations Manager.
  • Communicate potential threats, suspicious/anomalous activity, malware, etc., to the security SOC provider, and be a point of contact for KONE cybersecurity issues.
  • Continuously improve processes for use across multiple detection sets for more efficient operations.
  • Should be responsible for cybersecurity incident management and own the incident under resolution.
  • Provide remediation advice and assist the incident response team in security incident response activities; escalate if required.
  • Should be adaptable to working with a multi-vendor organization.
  • Working across different cultures and organizations.
  • Should be able to identify the gaps in monitoring across IT, IoT and OT and drive new security onboarding development and processes with internal teams.

    We Expect You To Have

  • Bachelor's or Master's degree in IT (Computer Science)/Engineering, or respective knowledge through experience.
  • Certifications in cybersecurity like COMPTIA+, SC 200 or other specialized security certifications would be an added advantage.
  • Requires 3+ years of working experience in the cybersecurity SOC, incident management and operations domain.
  • Should possess in-depth knowledge of network security, endpoint security, etc.
  • Experience in working with the Microsoft security landscape, e.g. Microsoft Defender ATP, Microsoft Cloud App Security, Office ATP, Azure AD Identity Protection, Azure Security Center, Azure Sentinel.
  • Experience in cloud security concepts and implementing security controls.
  • Should have knowledge of ITIL processes.
  • Should possess very good verbal and communication skills.
  • Should be willing to maintain and update current knowledge of industry best practices for strategy and operational support in the organisation.
  • Should have strong problem-solving and analytical skills.
  • Team player with flexibility under tight deadlines.
