Dreaming big is in our DNA. It’s who we are as a company. It’s our culture. It’s our heritage. And more than ever, it’s our future. A future where we’re always looking forward. Always serving up new ways to meet life’s moments. A future where we keep dreaming bigger. We look for people with passion, talent, and curiosity, and provide them with the teammates, resources and opportunities to unleash their full potential. The power we create together – when we combine your strengths with ours – is unstoppable. Are you ready to join a team that dreams as big as you do?

AB InBev GCC was incorporated in 2014 as a strategic partner for Anheuser-Busch InBev. The center leverages the power of data and analytics to drive growth for critical business functions such as operations, finance, people, and technology. The teams are transforming Operations through Tech and Analytics.

Do You Dream Big? We Need You.

Job Description

Job Title: Specialist – Cyber Security operations
Location: Bangalore (Onsite)
Reporting to: Sr. Manager – Cyber Security operations

PURPOSE OF ROLE

Do you want to join the world’s largest brewer? We at AB InBev have a fantastic opportunity for you to work as a Cyber Incident responder and join a growing team of top professionals who invest time and effort in protecting AB InBev from the most sophisticated threats. We’re constantly improving, advancing, and adopting new trends, new skills, and new expertise, giving our employees endless opportunities for professional development. You’ll be expected to work within a team of incident responders operating in a 24x7 shift model, with deep knowledge of investigating security alerts, and to process responses for alerts generated by cyber security systems within defined timelines.
KEY TASKS AND ACCOUNTABILITIES

- Work in a team of cyber security incident responders monitoring, responding to, and processing responses for the security alerts triggered from SOC tools deployed across on-premise and cloud environments, such as EDR, IDS/IPS, web proxy, SIEM, phishing analysis, etc., and from cloud security platforms such as MS Defender for Cloud, AWS GuardDuty, Orca Security, etc.
- Monitor threats and new attack techniques being disclosed in the wild.
- Investigate events to determine whether they are true events or false positives.
- Create an incident storyline based on the investigations, and identify and communicate the required remediation steps for all security alerts/incidents.
- Correlate different log sources to collect the evidence required to understand the impact and advise on response actions.
- Completely own the incident until all the response actions are completed and documented in case records.
- Adhere to the SLAs and operational practices during a 24x7 shift schedule.
- Follow the shift routine: regular updates to incidents, follow-up with vendors and AB InBev Zone Security contacts, and shift handover.
- Work closely with the in-house automation and data science team to automate repeated tasks.
- Participate in projects to improve security monitoring toolkits as well as to improve defensive controls.
- Act as an Incident commander during critical incidents. Act quickly on identifying a potential kill switch and containment.
- Post containment, prepare the incident report and share it with the required stakeholders.
- Create incident response SOPs and runbooks as and when needed.
- Seek opportunities to drive efficiencies and collaborate with other technology teams within and outside the SOC (e.g. NOC, Infra, automation, Cloud Ops, etc.).
- Work closely with internal threat intel, offensive and defensive security teams to mitigate the risks identified in internal operations.

QUALIFICATIONS, EXPERIENCE, SKILLS

Education: Bachelor’s degree, preferably in Computer Science or Information Systems, and/or equivalent formal training or work experience.

Experience: 3 to 5 years of experience in technical roles in the areas of Incident response, CSIRT and SOC Operations.

Technical/Functional Skills:
- Hands-on with commercial cyber tools (EDR, SIEM, CDR, Web Proxy, etc.) – Advanced
- Native Windows and cloud security tools (Windows Sysinternals, MS Defender, AWS GuardDuty, etc.) – Advanced
- Knowledge of operating systems (Windows, Linux) – Advanced
- Knowledge of operating systems (Android, iOS, macOS) – Intermediate

Mandatory Skills:
- Security event analysis and cyber incident response, with a strong ability to use data points to sketch a story – Advanced
- Stakeholder communication – Expert

Preferred (Good to have) Skills:
- Certifications: CEH, CHFI, CompTIA Security+, etc.
- Working knowledge of SentinelOne EDR and SDL

And above all of this, an undying love for beer! We dream big to create a future with more cheers.