
SOC Developer

Airbus
Bangalore, International, International
Position Type: Permanent
Job Description:


Qualification & Experience:

We seek out curious minds! We value attention to detail! And we care deeply about outcomes!


We’re looking for passionate people who are eager to learn, willing to share, and ready to establish innovative ways of working and influence culture change.

  • Bachelor's degree in Computer Science, Engineering, or a related field; a Master's in Information Security would be preferred.

  • Knowledge of writing parsing logic in Splunk at different levels (UF, HF, Indexer, Search Head) is mandatory.

  • Knowledge of writing regexes is mandatory.

  • Working knowledge of Splunk Phantom is preferred.

  • Strong knowledge of Python is mandatory. Experience with DevOps principles and dataset management is preferred.

  • Past experience of working with an L2/L3 SOC analyst, a forensic analyst or a CERT team member is preferred.

  • Experience with or knowledge of threat scenarios in multiple domains such as Windows, Network, Unix/Linux, Cloud (AWS/GCP) and Encryption is preferred.

  • Information Security and/or Information Technology industry certification (OSCP, SANS GIAC or equivalent) will be preferred.

  • Splunk Certifications like Certified Advanced Power User, Certified Consultant, Splunk Enterprise Certified Architect, Certified Developer, Enterprise Security Certified Admin are preferred.

  • Knowledge of SOC referentials such as Sigma, STIX/TAXII and MITRE ATT&CK is preferred.

  • Good interpersonal and communication skills, works effectively as a team player.

  • Experience in Agile, SAFe & Scrum methodology is preferred.

  • French language knowledge will be an added advantage.

Responsibilities

  • Collaborate with team members to develop and guide investigation/remediation automations using Python.

  • Collaborate with different business stakeholders to onboard data on Splunk.

  • Collaborate with the SOC Infrastructure team to manage CI/CD pipelines and IaC.

  • Collaborate with UCF (Usecase Factory) to improve the overall detection scope for the SOC.

  • Contribute to the evolution and improvement of the SOC Use Case framework.

  • Collaborate with the UCF Lead and Security & Application Architects to define & finalise SOC automation developments.

  • Ensure the SIEM platform tool is configured with the detailed use case requirements and configuration details needed to implement the use cases, and that there are supporting SOC processes.

  • Engage with the Head of SOC and the SDM Lead to prioritise SOC use case automation implementation schedules in an Agile & SAFe mode.

  • Collaborate with Use case factories to oversee automation deployments and developments.

  • Manage and work on CI/CD pipelines to deploy the automations.

  • Participate in Security threat and monitoring forums to learn and keep abreast of the latest changes and good practices.

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

Company:

Airbus Group India Private Limited

Employment Type:

Permanent


Experience Level:

Entry Level

Job Family:

Cyber Security

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.

At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.
