Address
Form of work
SalaryIt's fun to work in a company where people truly BELIEVE in what they're doing!
Job Description:
Ingram Micro touches 80% of the technology you use every day with our focus on Technology Solutions, Cloud, and Commerce and Lifecycle Solutions. With $50 billion in revenue, we have become the world’s largest technology distributor with operations in 64 countries and more than 35,000 associates.
Requirements:
- Seven or more years of full-time professional experience in the Information Security field
- Experience working in a Security Operations Center (SOC), Managed Security Service (MSS), or inhouse SoC. Inhouse (SOC) is a plus
- Understanding of contemporary security architectures/devices such as firewalls, routers, switches, load balancers, remote access technologies, anti-malware, SIEM, and AV
- Strong time management and multitasking skills, attention to details and strong collaborative skills required
- Provide technical guidance to team members in the areas of Cyber Security
- Manage Individual and team performance to consistently meet performance standards
- Develop and Support Strategic plan and projects to meet Security Operations Center goals and Objectives
- Experience in developing and tracking of Security Operations metrics
- Should have experience in creation of executive presentations
- Coaching and training experience
- Willing to work in shift pattern (4 teams with two 12-hour shift, shift pattern working and non-working hours 2 days on, 2 days off, 3 days on, 2 days off, 2 days on, 3 days off)
- Ability to provide on call support when needed.
*This is not a complete listing of the job duties. It’s a representation of the things you will be doing, and you may not perform all of these duties.
Qualifications:
- Queue management (Open, Track, and close Security Incidents)
- Familiarity with cyber security frameworks such as NIST CSF.
- Demonstrate use and understanding of security technologies such as Security Incident and Event Management (SIEM) & Endpoint Detection and Response (EDR)
- Demonstrated threat hunting experience SIEM and EDR solutions.
- Evaluate, respond, and mitigate alerts that originate from the SIEM and the Cybersecurity product suite, e.g. IDS/IPS, Anti-virus, Web Application Firewalls, NAC Solution, EDR etc
- Should have an understanding or working knowledge on Network Based Attacks / System Based Attacks, Denial of Service Attacks, HTTP Based DoS Attacks, Brute force attacks.
- Ability to identify common false positives and make suggestions on tuning.
Certifications & Knowledge
- One or more certifications preferred (GCIA, CISSP, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security +, OSCP
