Address About NCR VOYIX
NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction technologies, turning everyday consumer interactions into meaningful moments. Today, NCR VOYIX transforms the stores, restaurants and digital banking experiences with cloud-based, platform-led SaaS and services capabilities.
Not only are we the leader in the market segments we serve and the technology we deliver, but we create exceptional consumer experiences in partnership with the world’s leading retailers, restaurants and financial institutions. We leverage our expertise, R&D capabilities and unique platform to help navigate, simplify and run our customers’ technology systems.
Our customers are at the center of everything we do. Our mission is to enable stores, restaurants and financial institutions to exceed their goals – from customer satisfaction to revenue growth, to operational excellence, to reduced costs and profit growth. Our solutions empower our customers to succeed in today’s competitive landscape.
Our unique perspective brings innovative, industry-leading tech to all the moving parts of business across industries. NCR VOYIX has earned the trust of businesses large and small — from the best-known brands around the world to your local favorite around the corner.
Title: Information Security Engineer II
Location: Gurugram, India
About NCR Corporation
NCR Corporation (NYSE: NCR) is a global technology company leading how the world connects, interacts and transacts with business. NCR’s assisted- and self-service solutions and comprehensive support services address the needs of retail, financial, travel, healthcare, hospitality, entertainment, gaming and public sector organizations in more than 100 countries. NCR (www.ncr.com) is headquartered in Atlanta, Georgia.
Information Security Engineer II
This role is part of NCR’s Global Information Security team. This team is responsible for developing and implementing NCR’s corporate Information Security program. The primary goal of the program is to protect the confidentiality, integrity, and availability of information resources. Key Information Security functions and activities include architecture and design for NCR Information Security controls, developing and enforcing policies and standards, security awareness training, risk management, assessment, and testing, monitoring and metrics, incident management, and threat and vulnerability management.
The Information Security Engineer II shall be responsible for the day-to-day activities required to respond for both routine and high severity incidents and vulnerabilities identified. The Information Security Engineer II shall work in a collaborative manner with incident responders, key incident management team members, management, and other stakeholders to ensure security incidents are contained, eradicated, remediated and after-action review is held according to corporate policy. The Information Security Engineer II shall work in a collaborative manner with vulnerability coordinators and remediation team to make sure the vulnerabilities are remediated with patching and compensating controls. The Information Security Engineer II is expected to contribute to weekly status calls and is On-Call which includes working off hours/weekends and respond to ad-hoc requests as part of this position. The Information Security Engineer II will work with stakeholders and team members to assist with improving incident response processes that are aligned with the mission of the office of the CISO.
Key Responsibilities
- Antivirus support - CrowdStrike, McAfee, Symantec, Carbon Black Cloud Endpoint Protection
- Complex troubleshooting, Root cause analysis, performance tuning, Tuning, diagnostics and maintenance of IT security related Equipment
- Ensuring adherence to process
- Monitoring alerts received from the EDR solutions and take appropriate action based on the defined processes.
- Resolution of problems through configuration changes/ re-installations / replacements
- Following the SLA’s and procedures already defined for security device management
- Procedures and KB, known incident resolution, Known Error handling
- Updating Patches and Signatures Management
- Hands on experience and ability to do Root cause analysis, Problem & Capacity Management
- Anti-Virus compliance management.
- As an active member of the team, monitor and process response for security events on a 24x7 basis.
- Triage, respond to and escalate Zero days and high severity vulnerabilities.
- Coordinate remediation activities for Zero days/High Severity vulnerabilities.
- Leverage automation and orchestration solutions to automate repetitive tasks.
- Work alongside other security team members to hunt for and identify security issues generated from the network, including third-party relationships.
- Coordinate incident response activities across multiple independently managed environments and security teams.
- Leverage knowledge in multiple security disciplines, such as Windows, Unix, Linux, data loss prevention (DLP), endpoint controls, Public Cloud, and networking, to offer global solutions for a complex heterogeneous environment.
- Utilize multiple security/threat intelligence tools and resources to understand threats.
- Analyze and respond to minor and major incidents, reported SPAM and Phishing e-mails.
- Partner with the detection engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities.
- Support 24/7 operations
- Perform other duties as assigned.
Skills and Qualifications
- Strong knowledge of network, backend systems, operating systems, applications, and web services in a manner that allows for the interaction of all as it relates to security and services.
- Endpoint Engineering skills like Crowd Strike, Carbon Black Cloud
- Added advantage with incident responder/Vulnerability management skills
- Ability to apply analytical expertise and critical thinking to security incidents and Vulnerabilities.
- Ability to assimilate, understand and utilize various security technologies.
- Ability to collaborate within a geographically distributed team of Incident Response Analysts and vulnerability remediation team.
- Current Information Security related certification preferred.
- Current Public cloud related certification preferred.
- Knowledge of relevant Information Security and incident response frameworks such as MITRE ATT&CK Framework and CVSS scoring systems
- Strong communication skills and ability to work in a collaborative atmosphere.
- Strong attention to detail
- Ability to deal with ambiguity and translate high level objectives into detailed tasks.
- Ability to prioritize work with multiple, simultaneous work assignments.
- Ability and willingness to learn new tools and processes.
- Experience documenting business processes or technical procedures preferred.
EEO Statement
Integrated into our shared values is NCR's commitment to diversity. NCR is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. This concept encompasses but is not limited to human differences with regard to race, ethnicity, religion, gender, culture and physical ability. Every individual at NCR has an ongoing responsibility to respect and support a globally diverse environment.
Offers of employment are conditional upon passage of screening criteria applicable to the job
EEO Statement
Integrated into our shared values is NCR Voyix’s commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment.
Statement to Third Party Agencies
To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes
To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes
“When applying for a job, please make sure to only open emails that you will receive during your application process that come from a @ncrvoyix.com email domain.”
