The focus of the Professional Cyber Security SOC is to distinguish, interrupt and suppress threat actors on enterprise networks.
To execute this, you will use data analysis, threat intelligence, and cutting-edge security technologies. Working within the Security Operations Center Team at Ingram Micro, you will be responsible for detecting and assessing cyber security events and incidents across the enterprise environment.
Sr. Professional Cyber Security will also participate in developing processes, procedures, training, etc. for new technologies.
We seek a candidate to have a curious investigative mind, a passion in information security, and the ability to communicate complex ideas to varied audiences.
Investigate events and incidents to gather evidence and analyze in a comprehensive, consistent, and measurable manner
Evaluate, respond, and mitigate alerts that originate from the SIEM and other security tools
Hunt for suspicious and malicious threats within the environment
Identify common false positives and make suggestions on tuning to reduce alert-fatigue
Join forces with internal Security Incident Response Team (SIRT) during investigations
Train and mentor other team members to develop a high-performing team
Author investigation reports for technical and non-technical audience
Education and Experience
A bachelor / s degree in I.T., Engineering , Cyber Security or related science and math discipline with an information emphasis.
EngIish Proficiency is a must (fluent in reading, writing and speaking).
Five or more years of full-time professional experience in the information security field.
Experience working in an internal Security Operations Center (SOC) or Managed Security Service (MSS) Collaborate with Security Architecture, Engineering to Operationalize new security controls.
Have in depth working on security tools such as Security Incident and Event Management (SIEM), Endpoint Detection and Response (EDR), Anti-Virus.
Familiarity with MITRE ATT&CK and methods to detect suspicious and malicious behavior.
Basic understanding of vulnerability assessment tools.
Previous experience as a point of escalation in a technical environment.
This position requires availability to work different shifts.
Two or more security related certification preferred.