Job Description
Over the last 20 years, Ares’ success has been driven by our people and our culture. Today, our team is guided by our core values – Collaborative, Responsible, Entrepreneurial, Self-Aware, Trustworthy – and our purpose to be a catalyst for shared prosperity and a better future. Through our recruitment, career development and employee-focused programming, we are committed to fostering a welcoming and inclusive work environment where high-performance talent of diverse backgrounds, experiences, and perspectives can build careers within this exciting and growing industry.
DETAILED RESPONSIBILITIES/DUTIES:
- Responsible for initial or secondary triage of security incidents identified by internal controls or external SOC partners
- Proficient in Threat Research and understands the latest malware trends, common attack TTPs, and the general threat landscape
- Proficient in Incident Response and automation workflows as they relate to Security Operations
- Demonstrates ability to author content using a variety of query languages, as well as scripting for event enrichment and investigation
- Detects, identifies, and responds to cyber events, threats, security risks and vulnerabilities in line with cyber security policies and procedures
- Conducts threat hunting and analysis using various toolsets based on intelligence gathered
- Responsible for documenting the incident life cycle, conducting handoffs and escalation, and providing support during cyber incidents
- Creates detailed Incident Reports and contributes to lessons learned in collaboration with the team
- Works with vulnerability management resources to uncover and prioritize potential risks and makes specific recommendations to reduce the threat landscape and minimize risk
- Works with leadership and the engineering team to improve and expand available toolsets when warranted
- are critical for the role
SUPERVISORY RESPONSIBILITIES:
None
REQUIRED QUALIFICATIONS:
Skills:
- Experience with one or more Security Information and Event Management (SIEM) solutions
- Understanding of common attack methods and their SIEM signatures
- Experience in security monitoring, Incident Response (IR), security tools configuration and security remediation
- Strong knowledge of and experience in security event analysis
- Understanding of network protocols (TCP/IP stack, SSL/TLS, IPsec, SMTP/IMAP, FTP, HTTP, etc.)
- Understanding of operating system, web server, database, and security device (firewall/NIDS/NIPS) logs and log formats
- Understanding of string parsing and regular expressions
- Strong analytical and problem-solving skills
- High level of personal integrity and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity
- Ability to interact effectively at all levels with sensitivity to cultural diversity
- Ability to adapt as the external environment and organization evolves
- Passionate about the cybersecurity domain, with an inclination to learn current technologies, concepts and improvements
- Excellent in security incident handling, documentation, root cause analysis, troubleshooting and publishing post-Incident Reports
- Strong experience with cyber security in the domains of cyber threat intelligence and analysis, security monitoring and incident response
- Experience with network and system vulnerabilities, malware, networking protocols and the attack methods used to exploit vulnerabilities
- Knowledge of cyber security frameworks and attack methodologies
- Experience working with EDRs, Proxies, and anti-virus
- Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies
- Excellent verbal and written English communication skills
Experience:
- 4-6+ years of experience in Enterprise Cybersecurity or with a reputable services / consulting firm offering Security Consulting, Implementation and Managed Security services
- More than 4 years of technical experience in Security Operations Center (SOC) and Information Security required
- Experience with one or more Security Information and Event Management (SIEM) solutions
Education:
- Bachelor’s degree in Computer Science, Information Technology, Business or equivalent discipline
- Professional certifications such as CEH, CCSE, CCNA, Security+, etc., will be a plus
REPORTING RELATIONSHIPS:
Manager, Cybersecurity
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!