Responsibilities:
Major tasks and responsibilities
Serve as a senior-level technical resource for cyber security incident handling
Manage junior CSIRT / SOC team members
Support the Kennametal Managed Security Service Provider relationship
Provide qualified guidance on and coordinate execution of identification, analysis, response, and monitoring of cyber threats and vulnerabilities
Incident Management and Monitoring
Manage security incidents. Assist in developing concepts for efficient and effective security response activities.
Be a trusted point of contact and expertise for incidents and manage all the incident response activities including escalation to upper management.
Provide qualified guidance on SOC alerting conditions and necessary data sources
Note: this role requires some on-call duty
Vulnerability Management
Analyze and interpret results of vulnerability management activities using standard frameworks (CVSS)
Research and investigate new and emerging vulnerabilities, including zero-day events
Identify and resolve false positive findings in assessment results
Assess compensating controls and validate their effectiveness
Partner with stakeholders to streamline, standardize and document vulnerability remediation procedures
Monitor vulnerability remediation activities
Integrate information from disparate sources and create tactical intelligence that is relevant to protecting the business.
Threat Management
Research and investigate new and emerging cyber threats and vulnerabilities through participation in external security communities.
Manage the collection, analysis, and dissemination of cybersecurity threat information, including controlling the quality of intelligence suppliers
Manage relationships with global stakeholders to identify business needs and design appropriate security controls.
Analyze and interpret threat information using standard frameworks (Cyber Kill Chain, MITRE ATT&CK framework)
Generate timely business cyber threat intelligence assessment reports to business owners and management stakeholders
Generate timely technical cyber threat intelligence assessment reports to IT management and stakeholders
Other Areas of Effort
Support the achievement of the Global IT Strategy
Support efforts related to the corporate Enterprise Security Dashboard
Preferred Areas of Education, Certifications, and Skills:
Master’s degree in information assurance (or related field) with minimum 5 years’ experience or B.S. in information assurance (or related field) with minimum of 10 years’ experience on a computer security incident response team
Expertise in security concepts and best practices related to incident management, threat and vulnerability management
Practical experience with identifying, analyzing, and communicating cyber threat and vulnerability information
Experience with key SOC technologies (SIEM, EDR, TIP, others)
Experience applying threat and vulnerability analysis models, including the LM Cyber Kill Chain, the Diamond Model of Intrusion Analysis, the MITRE ATT&CK Framework and the Common Vulnerability Scoring System (CVSS)
Experience with incident response within cloud environments
Understanding of ITIL / service management concepts
Familiarity with enterprise risk management and how cyber threats and vulnerabilities integrate into ERM efforts
Exemplary verbal and written communication skills (English business fluent spoken and written)
Demonstrated ability to think strategically and perform detailed, complex analysis and data interpretation
Intercultural experience
Proven project management experience
Effective interpersonal skills, out-of-the-box thinking and ability to interface with all levels of staff
Ability to work under pressure and deal with ambiguous situations
Years of Relevant Work Experience Required: 5-8 Years
Education, Work Experience, Skills, Certificates
B.E. and Master’s Degree
Equal Opportunity Employer