*Summary*:

*About the role*:

*Major accountabilities*

In addition to the accountabilities listed above in the job description:

- Security monitoring and triage
  - Monitor, in real time, security controls and consoles from across the Novartis IT ecosystem
  - Communicate with technical and non-technical end users who report suspicious activity
- Forensics and incident response
  - Conduct initial investigations into security incidents involving a variety of threats
  - Support incident response activities including scoping, communication, reporting, and long-term remediation planning
  - Prepare technical reports for business stakeholders and IT leadership
- Big data analysis and reporting
  - Use the SIEM and big data tooling to identify abnormal activity and extract meaningful insights
  - Research, develop, and enhance detection content within the SIEM and other tools
- Technologies and automation
  - Interface with engineering teams to design, test, and implement playbooks, orchestration workflows, and automations
  - Research and test new technologies and platforms; develop recommendations and improvement plans
- Day to day
  - Perform host-based analysis, artifact analysis, network packet analysis, and malware analysis in support of security investigations and incident response
  - Coordinate investigation, containment, and other response activities with business stakeholders and groups
  - Develop and maintain effective documentation, including response playbooks, processes, and other supporting operational material
  - Perform quality assurance review of analyst investigations and work product; develop feedback and development reports
  - Mentor junior staff and serve as the point of escalation for higher-severity incidents
  - Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement
  - Recommend or develop new detection logic and tune existing sensors and security controls
  - Work with security solution owners to assess the existing security solutions' ability to detect and mitigate the above-mentioned TTPs
  - Create custom SIEM queries and dashboards to support the monitoring and detection of advanced TTPs against the Novartis network
| Field | Value |
| --- | --- |
| Division | Operations |
| Business unit | CTS |
| Location | Mexico |
| Site | Insurgentes |
| Company / legal entity | MX06 (FCRS = MX006) Novartis Farmacéutica S.A. de C.V. |
| Job type | Full time |
| Employment type | Regular |
| Shift work | No |