Associate - Cyber Security Operations

Remote Jobs

Description

Cyber Security Operations Specialist - IN
The Cyber Security Operations Specialist - IN communicates, implements, enforces and monitors the organization's security controls to protect technology assets from intentional or inadvertent modification, disclosure or destruction. Under limited supervision, this job works independently to manage and monitor the organization's IT systems and networks to ensure the security and safety of the organization's information.

This job monitors all networks and systems within the organization to identify and deter potential threats. This job also helps analyze data to protect and maintain the overall information technology (IT) security of the organization. The Specialist identifies potential data leaks and determines if an incident constitutes a violation of policies and standards.

Key Responsibilities and Duties
• Designs, tests and implements secure operating systems, networks and databases for the organization.
• Performs complex risk assessments and executes tests of data processing systems to ensure functioning of data processing activities and security measures.
• Oversees auditing of passwords, network-based and web-application-based vulnerability scanning, virus management and intrusion detection.
• Reviews risk audits and assessments and provides recommendations for application design.
• Reviews system access logs, ensuring only permitted individuals have access to company information.
• Monitors use of data files and regulates access to safeguard information in computer files.
• Monitors current reports of computer viruses to determine when to update virus protection systems.

Educational Requirements
• University (Degree) Preferred

Work Experience
• 3+ Years Required; 5+ Years Preferred

Career Level
7IC

Information Security Incident Response Specialist

Role Summary:

The TIAA Detection & Response Team is seeking an experienced Information Security Incident Response Specialist to participate in the day-to-day operations of its Information Security Operations Detection team. The incumbent will be responsible for analyzing security events, investigating potentially compromised endpoints, and driving security incidents to resolution. In addition, the incumbent will be responsible for proactively hunting and analyzing unidentified threats in the environment. Other duties will consist of operationalizing new – and tuning existing – security alerts and use cases, assisting in developing and training junior staff, and working with business partners to identify and close gaps in visibility.

Responsibilities:
• Perform deep-dive incident analysis by correlating data from various sources and determine if a critical system or data set is affected.
• Minimize the dwell time of threat actors by monitoring, triaging, and responding to security events.
• Maintain thorough documentation in the case management system.
• Coordinate investigation and remediation of security incidents.
• Actively hunt for and analyze previously unidentified threats in the environment, with little to no direction.
• Document indicators and other TTPs in order to detect the identified threat actor activity.
• Develop and maintain standard operating procedures, use cases, and other documentation to reflect day-to-day security operations.
• Train, mentor, and assist in the development of other security analysts within the Detection & Response Team.
• Provide 24/7 emergency response support in the event of security related incidents.
• Gather, develop, and deploy requirements, both functional and technical in nature, as defined by customers, stakeholders, and control owners.
• Participate in disaster recovery and on-call schedules as necessary.
• Build and maintain operation and configuration documentation including diagrams and flow charts.
• Attend daily standups, technical project meetings, and leverage team leads to maintain application and infrastructure configurations, uptimes, and metrics.

Required Skills:
• 10+ years of information/cyber security experience.
• Experience handling security incidents, to include reviewing raw log files, data correlation, and analysis (e.g. firewall, network flow, IDS, system logs).
• Experience on a Cyber Security Operations team performing Tier II/III initial incident triage.

Desired Skills:
• 10+ years of in-depth analysis and incident response experience in on-premises, AWS and Azure environments.
• Bachelor's degree in computer science, information technology, or related field.
• Experience creating new security alerts, reports, or other monitoring capabilities.
• Experience with performing malware analysis (static properties and dynamic) and reverse engineering.
• Previous experience in other information security roles, such as penetration testing, vulnerability management, threat intelligence, content development, or risk management.
• Experience with enterprise information security data management tools preferred
• Industry-recognized information security certifications, e.g. CISSP, C|EH, GCIH, CASP, etc.
• Solid experience in scripting languages such as (or similar to) Python, Perl, and Ruby is a plus
• Proficiency with RSA Archer
• Experience with industry standard frameworks
• Experience with YARA, regex, or other host/network-based signature development
• A passion for identifying malicious attackers and understanding attack vectors, threat tactics, and attacker techniques will distinguish applicants
• Exceptional written and oral communication skills
• Strong critical thinking and analytical skills
• Able to effectively and efficiently collaborate with a diverse and geographically distributed team
• Ensure successful handoff of procedures between shifts

Related Skills
Accountability, Adaptability, Business Continuity Planning, Cloud Computing Security, Collaboration, Communication, Compliance, Consultative Communication, Cybersecurity, Detail Oriented, General Risk Management, Network Security, Prioritizes Effectively

_____________________________________________________________________________________________________

Company Overview

TIAA GBS India was established in 2016 with a mission to tap into a vast pool of talent, reduce risk by insourcing key platforms and processes, as well as contribute to innovation with a focus on enhancing our technology stack. TIAA GBS India is focused on building a scalable and sustainable organization, with a focus on technology, operations and expanding into the shared services business space.

Working closely with our U.S. colleagues and other partners, our goal is to reduce risk, improve the efficiency of our technology and processes and develop innovative ideas to increase throughput and productivity.

We are an Equal Opportunity/Affirmative Action Employer. We consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other protected status.

Accessibility Support

TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers, including individuals with disabilities.

If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team:

Phone: (800) 842-2755

Email: [email protected]

Attributes

Company Name: TIAA

Listing location: Pune, Maharashtra, India