
Team Leader - Technology Services

Location Noida, India
Posted 21-September-2021
Description
Team Leader - IT Risk and Security - Incident Response


Position Title: Function, Responsibility - Asst. Manager - IT Team Leader - IT Risk &

Risk & Security


Reports to

(Responsibility Level):

Manager - Operations

IT Risk & Security

Supervises: NA [Individual Contributor role]


Location:

MetLife GOSC

NOIDA


Global Grade:

10 M

Cost Center (85 series):


Complexity:


PID/s Load Mapping:


Position Summary


This resource will provide oversight and monitoring of Infrastructure and Application Security, as well as responding to cyber-related incidents. Our role is to guide the first line of defense functions (Operations, Engineering) to properly secure the environment and provide management/partners with visibility of the overall security posture. We also monitor the environment for security incidents and lead the response to cyber threats.


To provide managed detection, incident investigation and proactive hunting, thus minimizing the potential business impact from cyber attacks
Continuous vigilance, to establish whether a compromise has occurred, and provide expert assessment of the nature, scope and implications of the incident along with tailored remediation steps specific to the environment
Submit, review and action the new Archer Incident tickets submitted on the Archer Incident Tool
Submitting new Incident tickets on Service Now
Communication with all the global regional IT Security teams to track submitted Archer incidents for timely closure post resolution
Performing risk analysis for compromised MetLife machines attacked by Malicious Domains to check for suspicious activities using MetLife Internal Tools
Analyze and take corrective action on Phishing emails sent to MetLife employees


Job Responsibilities


Responsible for gathering correct information to submit Archer Incident requests
Risk assessment and Impact analysis of the compromised machines infected by Malicious Domains
Interact daily with different regional security teams and engineers regarding suspicious activities reported for compromised machines, for containment
Analyze Financial Services ISAC emails to check multiple vulnerabilities reported which can be exploited by malicious people to disclose certain sensitive information, manipulate certain data, and cause a DoS (Denial of Service)
Reporting of logs and updating hashes on SharePoint for the Malicious Domains, IP reported in FSISAC emails
Analysis of New and Dropped Domains reported in Mark Monitor Application. Escalating the Suspicious Domains to Mark Monitor for take down
Daily report out of High scoring Domains published in Open DNS communicating with internal MetLife machines for a possible infection
Run daily queries on Splunk and report out to identify Pan Threat Domains, Filenames, Ransomware
Analysis of incidents/reports/dashboards and extracting Bluecoat/Palo Alto logs from Symantec portal
Analyze and report out of the Malicious URLs published in BCOAT Report post reviewing them on Virus Total, URL Void, OpenDNS, Malware Domain list, Bluecoat, Google
Excellent Soft skills (Mandatory)
Excellent Communication skills (Mandatory)
Excellent E-mail writing skills (Mandatory)
Excellent inter-personal skills with the ability to coordinate cross functionally


Knowledge, Skills and Abilities


Education

IT Graduate
Basic IT Infrastructure & Incident Response Knowledge
Knowledge of Databases, Networks, Hardware, Firewalls and Encryption


Experience

Total of 5 years of experience with at least 2 to 3 years in Incident Response, Fraud Monitoring & Threat Hunting
IT Risk & Security Audit & Compliance background
Hands-on work experience with Cyber Security Tools like XSOAR, IBM QRadar, Splunk, DLP, etc.
Certified Ethical Hacker
Must possess problem solving, planning, and analytical skills to drive continuous improvements


Knowledge and skills (general and technical)

Expertise in network security systems, i.e. Firewall, Dynamic Host Configuration Protocol (DHCP), Secure Sockets Layer (SSL), Content Delivery Network, DNS
Thorough knowledge of Service Now applications
Experience and knowledge of Incident management practices
Exposure to IT Archer Findings
Exposure to enterprise SharePoint
Prior experience in managing Incident helpdesk / Incident management work is preferable
Intermediate MS Office skills


Other Requirements

(licenses, certifications, specialized training if required)

Preferably CISSP Certified


Working Relationships


Internal Contacts

(and purpose of relationship):


All Internal GOSC Stake Holders


External Contacts (and purpose of relationship) If Applicable


Stateside Client/ Engineers from different regional Security teams (Such as Country/Regional Head for Monitoring/Containment)
Experience
Min 5 to 8 Years.

 