大手証券会社でのIncident Response Regional Lead(SOC)の求人

●Responsibilities:
The candidate will need to coordinate the projects and operations with both the Japan teams and other international teams in the following domains, and will be expected to:

・Manage all aspects of Security Incident Response including validation, monitoring, containment, log analysis, system forensic analysis, and reporting.
・Work closely with SOC Manager and business stakeholders in order to meet project deliverables.
・Augment Incident response team to ensure 24/7 coverage and operations.
・Carrying out post-incident reviews, assessing the effectiveness of controls, detection and response capability and supporting the required improvements with the responsible owners.
・Collaborate with Global IT Security team on new project initiatives, conduct POCs for new tech evaluation and upgradation of any existing security tools
・Routinely brief and update senior leadership and other stakeholders on the active incidents and manage expectation.
・Collaboration with the wider teams (like IT/Business operations teams where applicable) in the production and maintenance of efficient and effective incident response playbooks on timely basis.
・Collaboration with External Incident Response Retainer services for end to end tracking and remediation of security incidents.
・Recommend system enhancements or compensating controls to remediate security deficiencies
・Ensure preservation of all evidences as per applicable laws and regulations and maintain records of chain of custody during incidents.

●Additional Responsibilities
・Create, develop, and manage tools and scripts/process to assist in the monitoring of cyber risk, intelligence sources, and automation of processes.
・Develop metrics and reporting programs for senior leadership.
・Project management of Intelligence Lifecycle, including documentation.
・Occasional off-hours and weekend work required.

All team members will need to perform project management activities (Change the Bank (CTB)), as well as operational activities and support (Run the Bank (RTB)).

●Requirements :
Mandatory&Language Skills:
・Bilingual Japanese / English language capabilities.
・Native Japanese is ideal, but must have at least N1 JLPT Japanese language skills.
・TOEIC level should ideally be over 800.

●IT and IT Security Experience:
・10+ years’ experience of working in IT Security and relevant areas like Security Operations Center, Incident Response, Threat Intelligence, Digital Forensics, Threat Hunting, Malware Analysis etc.
・Proven experience in handling security events in mission critical environments, hands-on troubleshooting, analysis, and technical expertise to guide team members in resolution of incidents as per agreed SLA.
・In depth understanding of incident response frameworks such as NIST and SANS.
・Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection)
・Should have hands-on experience with utilizing SIEM/EDR/Data Lake such as ArcSight, QRadar, Elastic search, SOAR etc. and help team in investigating security issues and/or complex operational issues
・Should have previous experience in solving day-to-day operational processes such as security monitoring, data correlation, security operations and cloud monitoring would be add-on.
・Experience in implementing and monitoring Cloud Security controls for AWS and Azure cloud
・Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases)
・Knowledge of cyber threat models (e.g MITRE ATT&CK, Kill Chain, Diamond Model) and ability to develop relevant alerting, countermeasures, and threat hunting techniques.

●Other Experience:
Good organization, communication, and coordination skills are essential for this position.
This job requires managing projects and delivering services so experience in either project management or ITIL service management is desired.

Preferred
・Any security certifications, such as: GCIH, CISSP, CISM, Security+, CEH, CCSK, or similar industry recognized certifications.
・Project management certifications, such as PMP, Prince2, or CSM.
・Other best-practice IT certifications such as ITIL or COBIT
・Knowledge of controls frameworks such as NIST CSF, NIST SP 800-53, ISO 27001/2, CIS, and FISC.
・Experience working in a global team.

●Personal Characteristics:
・Strong communication skills, ability to work comfortably with different regions.
・Good team player, ability to work on a local, regional and global basis and as part of joint cross location teams and cross functional teams.
・Ability to be pro-active and self-manage tasks through to completion.
・Able to perform under pressure.