The Role
In this role, you’ll be responsible for carrying out the operational activities of the Cyber Defence Centre (CDE) capabilities. You’ll also provide support to the wider GCDC team in effectively logging and monitoring use cases aligned with our MITRE ATT&CK framework and defensive capabilities.
Your role will involve supporting the delivery of important CDE projects and ensuring smooth transition into operations. Specifically, you will focus on developing use cases that align with our log source and use case strategy, contributing to the overall effectiveness of our cyber defense operations.
While we aren’t offering relocation assistance, this role can be based in any of the following locations: Bangalore or Pune, India OR Manila, Philippines. Applicants will be evaluated based on the country in which they have applied.
This is a hybrid role, where most of your immediate team largely works from home. There’ll be times when you’ll need to come into the office for team events, meetings, trainings, etc., but it’s not a regular occurrence. However, if you’re a person who prefers to be on-site more frequently, we’ll make sure you’re well connected with others from the wider team to set you up for success.
Key Responsibilities:
As a Cyber Defence Operations Engineer, you’ll collaborate with Cyber Operations, Cyber Operations Governance teams, and global business unit stakeholders. Your focus will be on designing, deploying, and managing core security tooling to reduce risks.
You’ll develop and execute delivery plans with the wider Cyber Security and Enterprise Architecture teams to implement security tools and capabilities. This includes establishing clear processes, evaluating risk appetite and requirements with each source and owner.
Reviewing current log sources, you’ll build rules/use cases to enhance visibility of the Maersk estate against MITRE ATT&CK vectors. Leveraging security automation tooling, you will develop playbooks and workflows based on operational use cases.
You’ll closely monitor the integration and implementation of security controls for global IT platforms and applications, ensuring adherence to business objectives, regulations, and security policies with minimal impact.
Maintaining up-to-date knowledge of emerging threats and innovations, you’ll support continuous improvement of incident detection and response capabilities by collaborating with other teams across Cyber Operations.
You’ll assist in developing and improving the security incident response framework, providing effective rules for Cyber controls management. Additionally, you will integrate tool sets with XSOAR for automation and enhanced security capabilities.
Skills You’ll Have:
Strong communication skills, able to effectively communicate with both technical and non-technical individuals
Capable of presenting technical security information to non-technical audiences
Ability to work under pressure, independently or under general direction as required
In-depth knowledge of handling and responding to security incidents as part of a specialized incident response team
Familiarity with various security technologies and processes
Proficient in working with Orchestration and Automation tools, developing playbooks
Well-organized, motivated, and self-starting
Experience in Security Engineering or Operations within a DevOps team in an enterprise organization
Knowledge of securing operational technology and industrial control systems
Familiarity with NIST 800-53 and/or ISO 27001 security frameworks
Ability to produce high-quality and accessible solution documentation
Experience collaborating with teams and business units outside of security operations
Familiarity with the transportation/shipping industry
Knowledge of ITIL service methodology
Certifications such as CompTIA+, CEH, CISSP, CISM
Experience You’ll Bring:
Proficiency in PowerShell/Python scripting and API concepts
Experience with MSSP integrations
Security log onboarding
Familiarity with SOC processes
Experience working with cloud-based security solutions
Agile environment experience
Excellent knowledge of security devices like SIEM, XSOAR, etc.
Previous project engagement and delivery execution