Engineer - II SOC

Condé Nast is a global media company producing the highest quality content with a footprint of more than 1 billion consumers in 32 territories through print, digital, video and social platforms. The company’s portfolio includes many of the world’s most respected and influential media properties including Vogue, Vanity Fair, Glamour, Self, GQ, The New Yorker, Condé Nast Traveler/Traveller, Allure, AD, Bon Appétit and Wired, among others.Job Description

Location:

Chennai, TN

Condé Nast is a global media company, home to iconic brands including Vogue, The New Yorker, GQ, Glamour, AD, Vanity Fair and Wired, among many others. The company's award-winning content reaches 84 million consumers in print, 367 million in digital and 379 million across social platforms, and generates more than 1 billion video views each month. The company is headquartered in London and New York, and operates in 32 markets worldwide, including China, France, Germany, India, Italy, Japan, Mexico & Latin America,Russia, Spain, Taiwan, the U.K. and the U.S., with local licence partners across the globe. 

The Conde Nast 24/7/365 global Security Operations Centre (SOC) underpins Conde Nast’s security posture and enhances the organisation's security profile. The SOC leverages new and existing tools, solutions and capabilities to provide dedicated Threat detection and Analysis, Infrastructure Event Monitoring with Security Incident Management and

Vulnerability Management.To deliver the above, we are recruiting for an Engineer II, Security Operations, to join our Security Operations Centre (SOC). The Engineer II, Security Operations reports to the Manager, Security Operations, and as part of the Conde Nast SOC, will focus on providing real-time security event monitoring and security incident detection, response and remediation, using NDR, XDR, SIEM, and other security management tools

This role is critical to providing;

• Security Event Monitoring

• Event Triage and Escalation

• Threat monitoring and management

• Threat Hunting

• Security Incident Analysis and Response

• Escalation point for Associate Engineer, Security Operations (SOC)

Job Description

Location: Chennai, TN

About The Role:

Condé Nast is looking for an experienced engineer to join and help us build the next generation of our digital products. You will work closely with our product teams and help the engineering team in their shared mission to scale out and build our public-facing platform. These teams’ focus spans many types of products essential to both editors, other engineers, and subscribers. Your work will drive the future of Condé Nast’s digital strategy in today’s publishing market and reach our millions of readers around the world.

About Responsibilities:

• Minimum 5 years Security Operations Centre experience with a minimum of 4 years hands-on experience with event and incident monitoring and management tools,services and solutions to deliver SOC services.

• Experience of providing SOC services in a 24/7/365 service delivery environment with shift rotas.

• Perform L2 investigation and triage of alerts from SIEM, EDR, NDR, WAF, and cloud-native security tools.

• Respond to and handle security alerts,events and incidents, including but not limited to, phishing, malware, ransomware, account compromise, insider threats, and cloud misuse.

• Perform incident containment, remediation coordination, and closure within defined SLAs.

• Collaborating with colleagues and key stakeholders within and outside your own department or function to support the delivery of vulnerability remediation and patching.

• Supporting SIEM platforms by collaborating on building playbooks that ensure appropriate log source integrations and fine-tuning.

• Assist as required, Vulnerability Management engineer, by coordinating and monitoring activities in relevant areas of the VM program such as security patch and remediation management.

• Work with Security Engineers to ensure all security tools and solutions are appropriately configured and maintained to provide Security Operations with visibility into assets, environments and users.

• Threat Hunting - participate in threat management by supporting the gathering and use of threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the threat landscape

• Ensure identified Threats are catalogued, processed and logged with contingent plans agreed with the Security Operations manager

Experience:

• Experience of monitoring and responding to events and incidents using Network

• Detection and Response (NDR), EDR/XDR,

• Experience with SIEM solutions (Splunk or other),

• Demonstrable ability to perform L2 investigation and triage of alerts from SIEM, EDR, NDR, WAF, and cloud-native security tools

• Understanding of cloud platforms (AWS, Google Cloud, MS Azure)

• Hands-on experience of SOAR and associated solutions (Demisto/InsightConnect/Swimlane/IBM Security Resilient)

• Good working knowledge and hands-on experience of cyber defensive and offensive techniques, malware families and adversary tactics, techniques and procedures, MITRE ATT&CK, NIST Frameworks

• Monitoring and investigating alerts from cloud-native tools: AWS GuardDuty and

GCP Security

• Detect and respond to: IAM abuse, credential compromise, privilege escalation, publicly exposed cloud resources (S3/Blob buckets, databases, APIs) and suspicious API calls and other anomalous cloud activity.

• Support remediation of cloud misconfigurations and cloud security best practices

• Sound understanding of how Host/Network, IPS/IDS and DLP solutions contribute to protecting an organisation

• Working knowledge of AWS / Azure / GCP.

• Good understanding of email security and phishing analysis

• Knowledge of ServiceNow, Jira and Confluence.

• Any experience of endpoints telemetry analysis, Malware analysis and understanding of Exploit kits

• Good communication skills

• Experience of working in a fast-paced, globally dispersed environment

• Good analytical, problem-solving and interpersonal skills

Educational Qualifications:

• B.Tech/BSc//M.Sc in technology.

• Security Certifications are a bonus - CompTia Security+

• ,CySA+ CISSP, any cloud

• Security, SSCP or similar

What happens next?

If you are interested in this opportunity, please apply below, and we will review your application as soon as possible. You can update your resume or upload a cover letter at any time by accessing your candidate profile.

Condé Nast is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, age, familial status and other legally protected characteristics.