Analyst - Security Operations and Monitoring

Recruiter
PVH
Location
Bangalore, India
Posted
01 Oct 2021
Closes
29 Oct 2021
Ref
R24396
Function
Finance
Level
Manager
Hours
Full Time
Position Summary: The primary purpose of this position is to safeguard information system assets and proactively managing risks to PVH by identifying and solving security problems in our global organization.

You will be part of the PVH Corp Information Security Group (ISG), which is a globally operating team that the European team reports into. Your base will be in our European PVH office.

Primary Responsibilities/Accountabilities of the Job

  • You will perform in-depth analysis of information security related events using a wide variety of tools implemented at PVH, you must be able to recognize problems and identifying security-related abnormalities and violations while having the flexibility of working off-hours to resolve critical incidents.
  • You will perform threat hunts across the PVH enterprise network by relying on in-depth knowledge of SOC tools and techniques, leveraging indicators of comrporises from incidents and security events to determine scope of breaches and potential impact.
  • As part of the security-monitoring group, you will help developers catch vulnerabilities in applications developed by PVH by conducting static and dynamic code testing and validating the threat for false positives.
  • Execution of PVH's incident response plan to perform investigations and triage incident severity, getting the appropriate parties involved to remediate.
  • Review and provide insights on architectural or configuration changes on PVH's network, applications and endpoints from a security standpoint.
  • You will participate in the global Threat and Vulnerability Assessment program, to ensure Vulnerability monitoring and notification service to the various PVH teams, coordinate and collaborate these teams to ensure the remediation of technical vulnerabilities.
  • You will further improve on technical security aspects within PVH Europe and provide consultation on technical security topics by maintaining relations, raising incidents, alerts, advisories, and bulletins as required with the various IT groups within PVH.
  • You will be part of the evaluation and selection of new or additional Security tools to further mitigate the risk for our organization; also, you will be coordinating and assisting with the implementation of the selected tools in the European environment.
  • You will provide monthly reporting to PVH leadership & other appropriate stakeholders on current threats and risks to the organization.
  • You will participate in IT projects representing the Information Security group where you will not only provide guidance and direction for the protection of information systems assets, you will also ensure that security controls are implemented in accordance with our security policies. Not only will you need to have creative and innovative ideas you are required to think along with the teams while maintaining and improving our security standards.

Qualifications and Experience:

Developing level of knowledge & skills - typically 2-5 Years of related experience.

Education:

Bachelor Degree Required

Knowledge/Skills Required
  • Analytical person or thinker;
  • In-depth understanding of the cyber landscape and typical threat actors;
  • Understanding of information security concepts, protocols, tools, industry best practices and strategies. Familiarity with enterprise frameworks like Mitre Attack and NIST CSF is a plus.
  • Strong understanding of regulatory compliance and data protection laws such as CSL (China Cyber Security Law) and how personal data is processed securely.
  • Strong knowledge of networks & operating systems;
  • Able to identify and evaluate technology risks in a complex IT landscape;
  • Hands on experience with enterprise level vulnerability scanning tools;
  • Experience with the coordination of penetration testing;
  • Experience with managing, configuration and upgrades to firewalls, intrusion detection/prevention systems (IDS,IPS), internal vulnerability scanners and other cyber defense solutions that may be in place;
  • Have a strong understanding of incident response procedures and ability to execute PVH's internal incident response plan when security events occur;
  • Relevant experience with Security information and event management and security incident handling; Have performed prior incident responses where primary objective is the determine a complete timeline of threat actor activities and data exfiltration for formalized report.
  • Performed threat hunts across the network in order to determine if practical threats are still propagating and determine complete scope of security incidents;
  • Leveraged application scanning tools on pre-production code and determining the right vulnerability to remediate for the development team;
  • Strong understanding of cloud services (AWS, Azure & GCP) and how architectural changes from cloud platforms impact security considerations;
  • Experience in performing security reviews or threat modeling of products and services before they are approved for enterprise use;
  • Eager to learn, pro-active, enthusiastic, communicative, take initiative and team player;
  • Professional and cooperative attitude;
  • Ability to take on multiple projects and work-streams;
  • Good understand of English language both written & verbal;

Communication Skills Required

Responsible for Obtaining & providing information to others.

Explaining policies or practices to others

Overall Impact & Contribution

Completes tasks with limited supervision

Problem Solving:

Problems and issues that requires broad based solutions and require resources (human, financial or operational) to solve.

More searches like this