Incident Response Regional Lead (SOC) at a major securities company
Job ID: 1318089
Currently accepting applications
Job listing
Job title
Incident Response Regional Lead (SOC)
Position
Vice President
Salary range
Salary range: up to ¥12,000,000 (determined under company regulations, taking experience and ability into account)
Job description
●Responsibilities:
The candidate will need to coordinate projects and operations with both the Japan teams and other international teams in the following domains, and will be expected to:
・Manage all aspects of Security Incident Response, including validation, monitoring, containment, log analysis, system forensic analysis, and reporting.
・Work closely with the SOC Manager and business stakeholders in order to meet project deliverables.
・Augment the Incident Response team to ensure 24/7 coverage and operations.
・Carry out post-incident reviews, assess the effectiveness of controls and of detection and response capability, and support the required improvements with the responsible owners.
・Collaborate with the Global IT Security team on new project initiatives, conduct POCs for new technology evaluation and for upgrades of existing security tools.
・Routinely brief and update senior leadership and other stakeholders on active incidents and manage expectations.
・Collaborate with the wider teams (such as IT/Business operations teams where applicable) in the production and maintenance of efficient and effective incident response playbooks on a timely basis.
・Collaborate with external Incident Response Retainer services for end-to-end tracking and remediation of security incidents.
・Recommend system enhancements or compensating controls to remediate security deficiencies.
・Ensure preservation of all evidence in accordance with applicable laws and regulations, and maintain chain-of-custody records during incidents.
●Additional Responsibilities
・Create, develop, and manage tools, scripts and processes to assist in the monitoring of cyber risk and intelligence sources, and in the automation of processes.
・Develop metrics and reporting programs for senior leadership.
・Project management of the Intelligence Lifecycle, including documentation.
・Occasional off-hours and weekend work required.
All team members will need to perform project management activities (Change the Bank (CTB)) as well as operational activities and support (Run the Bank (RTB)).
Required skills
●Requirements:
Mandatory & Language Skills:
・Bilingual Japanese / English language capabilities.
・Native Japanese is ideal, but must have at least JLPT N1 Japanese language skills.
・TOEIC score should ideally be over 800.
●IT and IT Security Experience:
・10+ years’ experience working in IT Security and related areas such as Security Operations Center, Incident Response, Threat Intelligence, Digital Forensics, Threat Hunting, Malware Analysis, etc.
・Proven experience handling security events in mission-critical environments, with hands-on troubleshooting, analysis, and the technical expertise to guide team members in resolving incidents within the agreed SLA.
・In-depth understanding of incident response frameworks such as NIST and SANS.
・Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection tools, IDS/IPS, Network Packet Analysis, Endpoint Protection).
・Hands-on experience using SIEM/EDR/Data Lake platforms such as ArcSight, QRadar, Elasticsearch, SOAR, etc., and helping the team investigate security issues and/or complex operational issues.
・Previous experience in day-to-day operational processes such as security monitoring, data correlation, security operations and cloud monitoring is a plus.
・Experience implementing and monitoring Cloud Security controls for AWS and Azure.
・Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases).
・Knowledge of cyber threat models (e.g. MITRE ATT&CK, Kill Chain, Diamond Model) and the ability to develop relevant alerting, countermeasures, and threat hunting techniques.
●Other Experience:
Good organization, communication, and coordination skills are essential for this position.
This job requires managing projects and delivering services, so experience in either project management or ITIL service management is desired.
Preferred
・Any security certifications, such as GCIH, CISSP, CISM, Security+, CEH, CCSK, or similar industry-recognized certifications.
・Project management certifications, such as PMP, Prince2, or CSM.
・Other best-practice IT certifications such as ITIL or COBIT.
・Knowledge of control frameworks such as NIST CSF, NIST SP 800-53, ISO 27001/2, CIS, and FISC.
・Experience working in a global team.
●Personal Characteristics:
・Strong communication skills, with the ability to work comfortably with different regions.
・Good team player, able to work on a local, regional and global basis and as part of joint cross-location and cross-functional teams.
・Ability to be proactive and self-manage tasks through to completion.
・Able to perform under pressure.
Employment type
Full-time employee
Company name
Major securities company
Company overview
Major domestic securities company
Company profile
A Japan-based global financial institution engaged in investment banking, global markets, asset management, retail business, and more.