Senior Analyst – Cyber Security Operations

Dreaming big is in our DNA. Its who we are as a company. Its our culture. Its our heritage. And more than ever, its our future. A future where were always looking forward. Always serving up new ways to meet lifes moments. A future where we keep dreaming bigger. We look for people with passion, talent, and curiosity, and provide them with the teammates, resources and opportunities to unleash their full potential. The power we create together when we combine your strengths with ours is unstoppable. Are you ready to join a team that dreams as big as you do?

AB InBev GCC was incorporated in 2014 as a strategic partner for Anheuser-Busch InBev. The center leverages the power of data and analytics to drive growth for critical business functions such as operations, finance, people, and technology. The teams are transforming Operations through Tech and Analytics.

Do You Dream Big?

We Need You.

Job Description

Job Title: Senior Analyst Cyber Security operations

Location: Bangalore (Onsite)

Reporting to: Sr. Manager Cyber Security operations

PURPOSE OF ROLE

Do you want to join the world largest brewer? We at AB-InBev have a fantastic opportunity for you to work as a Cyber Incident responder & join a growing team of top professionals who invest time and effort in protecting Ab-InBev from top Sophisticated Threats. We're constantly improving, advancing, and adopting new trends, new skills, and new expertise, giving our employees endless opportunities for professional development. Youll be expected to work with in a team of incident responders operating in 24x7 shift model with deep knowledge on investigating Security alerts, and process responses for alerts generated by cyber security systems within defined timelines.

KEY TASKS AND ACCOUNTABILITIES

• Work in a team of cyber security incident responders monitoring, responding, and processing responses for the security alerts triggered from SOC tools deployed across on-premise and cloud environments like EDR, IDS/IPS, Web proxy, SIEM, phishing analysis etc., And from Cloud Security platforms like MS Defender for Cloud, AWS Guard duty, Orca Security etc.,
• Monitor threats and new attack techniques being disclosed in the wild.
• Investigate events to determine if they are true events or false positive
• Create incident storyline based on the investigations, identify and communicate required remediation steps for all security alerts/incidents.
• Co-relate different log sources to collect the evidence required to understand the impact and advise on response actions.
• Completely own the incident till all the response actions are completed and documented in case records.
• Adhere to the SLAs and operational practices during a 24x7 shift schedule.
• Follow shift routine, regular updates to incidents, follow-up with vendors, AB InBev Zone Security contacts, and shift handover.
• Participate in projects to improve security monitoring toolkits as well as to improve defensive controls.
• Create Incident response SOPs and run books as in when needed.
• Seek opportunities to drive efficiencies and collaborate with other technology teams within and outside SOC (Eg.: NOC, Infra, automation, Cloud Ops, etc.,)

QUALIFICATIONS, EXPERIENCE, SKILLS

Education:

Bachelors degree preferably in Computer Science or Information Systems and /or equivalent formal training or work experience.

Experience:

2 to 3 years of experience in technical roles in the areas of Incident response, CISRT and SOC Operations.

Technical/Functional Skills:

• Hands on with Comercial Cyber tools (EDR, SIEM, CDR, Web Proxy,Perimeter firewall security, etc.,) Advanced
• Native Windows and cloud Security tools (Win sys internals, MS Defender, AWS Guard duty, Orca, Wiz, etc.,) - Intrermediate
• Knowledge on Operating systems (Windows) Advanced
• Knowledge on Operating systems (Linux, MAC) Intermediate

Mandatory Skills:

• Security event analysis & Cyber Incident response with Strong ability to use data points to sketch a story Advanced
• MITRE ATT&CK Framework - Intermediate
• Stakeholder Communication Advanced

Preferred (Good to have) Skills:

• Certifications - CEH, CHFI, CompTIA Security +, etc.,
• Working knowledge on SentinelOne EDR and SDL

And above all of this, an undying love for beer!

We dream big to create future with more cheers.