Honeywell

Advanced Cyber Sec Archt/Engr

Honeywell · India · 3 weeks ago
Full-time

Job Description

Are you passionate about helping to drive global Cybersecurity innovation and change? Do you thrive in environments that encourage critical thinking, creativity, and challenging the status quo? Honeywell Cyber Fusion Center is looking for an Advanced Cyber Security Architect/Engineer to work as part of our L3 incident response team. This role is responsible for leading complex incident investigations and driving strategic security improvements. This person will help coordinate globally with multiple teams to defend Honeywell from cyber-attacks. This position allows deep insight into various aspects of cyber security and will require attention to detail, a sense of urgency, and strong communication skills.

Participate on a team of highly skilled cybersecurity incident responders. Build and maintain processes and procedures. Assist with driving complex cybersecurity incidents to successful conclusion. Hands-on experience analyzing security incidents to uncover root causes, attack vectors, and threat actor behavior. Perform initial analysis, identification, and remediation of network intrusions, application attacks, and computer system compromises. Assess the scope, severity, and potential impact of cybersecurity incidents. Help mentor junior analysts in our L1 and L2 teams to help build a pipeline of talent that flows into L3. Constantly optimize work procedures and automate recurring tasks. Develop and update technical documentation and formulate work instructions to address repeating issues. Collaborate with global team members based in Europe, India and the US. Participate in global on-call rotation.

Bachelor’s degree in Cybersecurity, Computer Science, or equivalent experience. 5+ years of experience in Information Security or Information Technology fields. 3+ years of experience in cybersecurity operations, with strong incident response background. Experience with SIEM, Splunk and EDR solutions. Good technical knowledge of Windows/Linux operating systems, various types of applications, and networking technologies. Analytical skills in threat, vulnerability, and intrusion detection analysis. Keen understanding of threat vectors as well as exfiltration techniques. Advanced incident handling and crisis management. Attention to detail. Ability to develop and follow complex work instructions and documentation. Strong analytical skills with the ability to manage incidents under pressure. Willingness to learn.

We value

Experience with SOAR solutions like XSOAR/Demisto. Knowledge of cloud security (Azure, AWS, MS Office 365). Knowledge of Linux operating system. One or more widely recognized certifications from renowned institutions such as GIAC/SANS, ISC/CISSP or Microsoft. Detailed knowledge of Endpoint Detection and Response tools (e.g., Sentinel or MS Defender ATP). Knowledge of scripting in Python or PowerShell. Understanding of ITIL processes, such as Incident, Change & Problem management. Experience in working in a global, process-driven organization.