Location:
Chennai, TNCondé Nast is a global media company, home to iconic brands including Vogue, The New Yorker, GQ, Glamour, AD, Vanity Fair and Wired, among many others. The company's award-winning content reaches 84 million consumers in print, 367 million in digital and 379 million across social platforms, and generates more than 1 billion video views each month. The company is headquartered in London and New York, and operates in 32 markets worldwide, including China, France, Germany, India, Italy, Japan, Mexico & Latin America,Russia, Spain, Taiwan, the U.K. and the U.S., with local licence partners across the globe.
The Conde Nast 24/7/365 global Security Operations Centre (SOC) underpins Conde Nast’s security posture and enhances the organisation's security profile. The SOC leverages new and existing tools, solutions and capabilities to provide dedicated Threat detection and Analysis, Infrastructure Event Monitoring with Security Incident Management and
Vulnerability Management.To deliver the above, we are recruiting for an Engineer II, Security Operations, to join our Security Operations Centre (SOC). The Engineer II, Security Operations reports to the Manager, Security Operations, and as part of the Conde Nast SOC, will focus on providing real-time security event monitoring and security incident detection, response and remediation, using NDR, XDR, SIEM, and other security management tools
This role is critical to providing;
Security Event Monitoring
Event Triage and Escalation
Threat monitoring and management
Threat Hunting
Security Incident Analysis and Response
Escalation point for Associate Engineer, Security Operations (SOC)
Location: Chennai, TN
About The Role:
Condé Nast is looking for an experienced engineer to join and help us build the next generation of our digital products. You will work closely with our product teams and help the engineering team in their shared mission to scale out and build our public-facing platform. These teams’ focus spans many types of products essential to both editors, other engineers, and subscribers. Your work will drive the future of Condé Nast’s digital strategy in today’s publishing market and reach our millions of readers around the world.
About Responsibilities:
Minimum 5 years Security Operations Centre experience with a minimum of 4 years hands-on experience with event and incident monitoring and management tools,services and solutions to deliver SOC services.
Experience of providing SOC services in a 24/7/365 service delivery environment with shift rotas.
Perform L2 investigation and triage of alerts from SIEM, EDR, NDR, WAF, and cloud-native security tools.
Respond to and handle security alerts,events and incidents, including but not limited to, phishing, malware, ransomware, account compromise, insider threats, and cloud misuse.
Perform incident containment, remediation coordination, and closure within defined SLAs.
Collaborating with colleagues and key stakeholders within and outside your own department or function to support the delivery of vulnerability remediation and patching.
Supporting SIEM platforms by collaborating on building playbooks that ensure appropriate log source integrations and fine-tuning.
Assist as required, Vulnerability Management engineer, by coordinating and monitoring activities in relevant areas of the VM program such as security patch and remediation management.
Work with Security Engineers to ensure all security tools and solutions are appropriately configured and maintained to provide Security Operations with visibility into assets, environments and users.
Threat Hunting - participate in threat management by supporting the gathering and use of threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the threat landscape
Ensure identified Threats are catalogued, processed and logged with contingent plans agreed with the Security Operations manager
Experience:
Experience of monitoring and responding to events and incidents using Network
Detection and Response (NDR), EDR/XDR,
Experience with SIEM solutions (Splunk or other),
Demonstrable ability to perform L2 investigation and triage of alerts from SIEM, EDR, NDR, WAF, and cloud-native security tools
Understanding of cloud platforms (AWS, Google Cloud, MS Azure)
Hands-on experience of SOAR and associated solutions (Demisto/InsightConnect/Swimlane/IBM Security Resilient)
Good working knowledge and hands-on experience of cyber defensive and offensive techniques, malware families and adversary tactics, techniques and procedures, MITRE ATT&CK, NIST Frameworks
Monitoring and investigating alerts from cloud-native tools: AWS GuardDuty and
GCP Security
Detect and respond to: IAM abuse, credential compromise, privilege escalation, publicly exposed cloud resources (S3/Blob buckets, databases, APIs) and suspicious API calls and other anomalous cloud activity.
Support remediation of cloud misconfigurations and cloud security best practices
Sound understanding of how Host/Network, IPS/IDS and DLP solutions contribute to protecting an organisation
Working knowledge of AWS / Azure / GCP.
Good understanding of email security and phishing analysis
Knowledge of ServiceNow, Jira and Confluence.
Any experience of endpoints telemetry analysis, Malware analysis and understanding of Exploit kits
Good communication skills
Experience of working in a fast-paced, globally dispersed environment
Good analytical, problem-solving and interpersonal skills
Educational Qualifications:
B.Tech/BSc//M.Sc in technology.
Security Certifications are a bonus - CompTia Security+
,CySA+ CISSP, any cloud
Security, SSCP or similar
If you are interested in this opportunity, please apply below, and we will review your application as soon as possible. You can update your resume or upload a cover letter at any time by accessing your candidate profile.
Condé Nast is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, age, familial status and other legally protected characteristics.
