Job Information
Intercontinental Exchange (ICE) Senior Engineer, Cybersecurity DFIR in Hyderabad, India
Job Description
Job Purpose
The Intercontinental Exchange (ICE) Cybersecurity DFIR team is responsible for defending critical financial infrastructure from Global Cyber threats. We leverage an evolving arsenal of controls that require technical proficiency as well as tenacity, professionalism, and strong communication skills.
Responsibilities
Email Triage - Evaluating staff reported emails for malicious intent
Data Loss Prevention - Reviewing Daily DLP events for evidence of internal information leaving the network
Operations - Handling end user support requests. Some examples of end-user requests: unblocking websites, permitting file uploads, modifying anti-virus policies, and testing email attachments.
Incident Management – Detect, document, investigate, and contain security incidents in an efficient manner. Serve as a senior escalation point for incidents of greater complexity and or severity.
Intrusion Detection - Develop and tune anomaly detection capability to produce reliable actionable data
Behavioral Analysis - Develop and implement criteria to identify anomalous user behavior leading indicating insider threat activity
Endpoint Forensics - Construct meaningful incident timelines from forensic artifact analysis
Knowledge and Experience
University degree in Engineering, CIS, or related discipline
5+ years of relevant experience
Hands-on experience with Systems Administration
Deep understanding of networking and its application
Advancement Opportunity
Seniority is determined by experience and demonstration of exceptional competencies including:
Automation - Automating simple tasks using python increasing efficiency and continuity
Counter Measures - Ability to design and implement preventative and corrective controls to counteract emerging threats
Security Analytics - Efficiently distill actionable information from large data sets for reporting, hunting, and anomaly detection
Proactive Threat Hunting - Develop and execute focused plans to discover advanced threats that evade traditional security controls
Serve as a responsible Subject Matter Expert (SME) on one or more tools or technologies via learning, testing, implementing, enhancing, and educating.