It's fun to work in a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business.
Job Description
REPORTING RELATIONSHIPS : Reports to AVP Security
PRIMARY FUNCTIONS AND ESSENTIAL RESPONSIBILITIES
Identify abnormal security events and trigger the call list / distribution list.
Recognize successful cyber intrusions and compromises through log review and analysis of relevant event detail information.
Launch and track security investigations to resolution. Recognize cyber-attacks based on their signatures.
Differentiate the false positives from true intrusion attempts and help remediate / prevent.
Analyze and assess security incidents and escalate to appropriate internal teams for additional assistance.
Actively investigate the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notify client when appropriate.
Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
Responsible for documenting the incident life cycle, conducting handoffs and escalation, and providing support during cyber incidents.
Responsible for the tracking and assignment of tickets/events to Cyber Security Team.
Responsible for analyzing potential threats from multiple sources.
Responsible for creating filters, reports, dashboards, and alerts in support of Cyber Operations.
Responsible for initiating blocks for all indicators of compromise gathered in analysis.
Responsible for creating and updating existing playbooks and runbooks.
Assist with real-time security incident handling and tracking (e.g., intrusion correlation/tracking, threat analysis, and direct system remediation) tasks to support Incident Response Team.
Should be familiar with handling and mitigating attacks related to viruses, spoofing, hoaxes, malware
Should be familiar with emerging security threats and their attack vectors especially web application attacks
Excellent verbal and written English communication skills are most important for the role.
QUALIFICATIONS :
Education:
Bachelor’s degree in Computer Science, Information Technology, Business or equivalent discipline
Professional certifications will be a plus
Skills:
Experience with one or more Security Information and Event Management (SIEM) solutions (such as McAfee, LogLogic, Splunk, QRadar, ArcSight)
Understanding of common attacks (e.g. brute force, SYN flood, session hijack, smurf etc.) and their SIEM signatures
Experience in security monitoring, Incident Response (IR), security tools configuration and security remediation
Strong knowledge and experience in Security Event Analysis capability
Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC, SMTP/IMAP, FTP, HTTP etc.)
Understanding of Operating System, Web Server, database and Security devices (firewall/NIDS/NIPS) logs and log formats.
Understanding of String Parsing and Regular Expressions.
Strong analytical and problem-solving skills are needed to perform the job of a SOC analyst.
Understand cyber-attack methods, perform analysis of security logs in an attempt to detect unauthorized behavior, provide daily reports to Team Leader
Good knowledge in Cybersecurity Incident Investigation, Root cause analysis and Troubleshooting and publishing Post Incident Reports
Providing concise and regular updates to management
Professional attitude towards teammates and colleagues, with ability to function as an effective team member
Ability to interact effectively at all levels with sensitivity to cultural diversity
Ability to adapt as the external environment and organization evolves
Passionate about Cybersecurity domain and has the inclination to learn current technologies / concepts / improvements.
Excellent in security incident handling, documentation, root cause analysis, troubleshooting and publishing post-Incident Reports.
Strong experience with cyber security in the domains of cyber threat intelligence and analysis, security monitoring and incident response
Experience of network and system vulnerabilities, malware, networking protocols and attack methods to exploit vulnerabilities
Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies
Knowledge of incident response and handling methodologies
Experience Required:
More than 6-8 years of experience with a reputed Services / consulting firm offering Security Consulting, Implementation and Managed Security
More than 6 years of technical experience in Security Operations Center (SOC) and Cyber Security Incident Response.
Experience with one or more Security Information and Event Management (SIEM) solutions (such as McAfee, LogLogic, Splunk, QRadar, ArcSight)
General Requirements:
Knowledge of security incident and event management, log analysis, network traffic analysis, malware investigation/remediation, SIEM correlation logic and alert generation
Understanding of Security principles, techniques and technologies such as SANS Top 20 Critical Security Controls
Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
Moderate knowledge of security related technologies and their functions (IDS, IPS, EDR, IRP, FW, WAF, SIEM, etc.)
Professional certifications such as: Certified Incident Handler (GCIH), Certified Intrusion Analyst (GIAC), Certified Ethical Hacker (CEH), Certified Incident Handler (CIH)
Basic understanding of Networking and various network technologies
Good grasp of the basics of Windows and Linux environments
Provide tuning recommendations to administrators based on findings during investigations or threat information reviews
Triage and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs)
COMPANY DESCRIPTION
Ares Management Corporation (“Ares” or the “Firm”) is a publicly traded, leading global alternative asset manager with approximately $149 billion of assets under management ("AUM") and over 1,300 employees. We seek to deliver attractive performance to our investor base across our investment groups and strategies, including credit, private equity and real estate. The firm is headquartered in Los Angeles with offices across the United States, Europe, Asia and Australia. Its common units are traded on the New York Stock Exchange under the ticker symbol "ARES".
Ares Management LLC (together with its related operating and administrative subsidiaries, “Ares Management”) is an Equal Employment Opportunity employer and considers all applicants for employment without regard to race, color, religion, ethnicity, creed, sex, age, national origin, alienage or citizenship status, disability, medical condition, pregnancy, marital status, partnership status, sexual orientation, status regarding public assistance, military or veteran status, domestic violence victim status, gender identity and expression, transgender status, genetic information, status as unemployed, political affiliation or any other characteristic protected by federal, state or local law.
Ares Management will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Chance Initiative for Hiring Ordinance.
Reporting Relationships
Senior HR Business Partner
Qualifications
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!