Wolters Kluwer Global Business Services (GBS) is designed to provide services to the business units in the areas of technology, sourcing, procurement, legal, finance, and human resources. These global centers promote team collaboration using best practices around a specific focus area to drive results and enhance operational efficiencies. There is a constant endeavor to benchmark against best-in-class industry standards to improve the quality of deliverables, increase cost savings, enhance productivity, and reduce time to market for products and applications. We have an amazing opportunity for an IT Security SOC Analyst (Incident Management), available within our Global Business Services division! This position has been created due to growth! The IT Security SOC Analyst (Incident Management) will be responsible for monitoring and response to all emerging security incidents to protect and enhance the confidentiality, integrity, and availability of Wolters Kluwer assets.
As an IT Security Analyst, you will perform duties and tasks as a part of the Global Security Operations team to ensure potential security incidents representing vulnerability and exposure to Wolters Kluwer are contained, remediated and analyzed from a preventative perspective. In this role, you will be required to demonstrate knowledge in security incident handling, incident response and information synthesis in every area of IT security management. Your role will also include interfacing with and responding to internal business unit IT representatives and stakeholders at all levels during the performance of your duties.
. Supports the response to and recovery from emerging information security incidents, acting as the focal point leading response efforts and ensuring effective action to contain and remediate the situation
. Supports the investigation of reported security breaches and, in coordination with WK Global Security Operations, develops procedures to respond to security incidents and assists with investigations
. Performs review of security platforms from the WK perspective, in conjunction with other members of the Security Operations Team.
. Responsible for supporting Security Incident Managers on communications bridges and meetings
. Works with business units to understand and properly address emerging incidents in accordance with WK policy and established best practices.
. Acts as liaison to customer Business Units and other GBS organizations for security operations concerns.
. Ensures work is compliant with WK enterprise policies, procedures and the GIS strategic plan
. Identifies and assists in the operationalization of new solutions and technologies during transition to steady-state operations, as directed
. Supports the investigation of reported security events and incidents and, in coordination with other WK global security operations team members, responds to security incidents and assists with ongoing investigations and root cause analysis (RCA).
. Contributes to the analysis and delivery of findings to internal customers with impactful, comparative, interpretative security analysis in a clear, consistent, and factual manner.
. Develops and recommends best course of action based on solid security principles
. Ensures assigned post-mortem and lessons-learned actions are completed, following incident restoration of service
. Takes part in cross-functional incident exercise activities, ensuring that policy and procedure are followed
. Responsible for ensuring knowledge of IT security and hardening best practices remains current
. Responsible for reviewing threat intelligence sources in support of WK security situational awareness
. Assists in developing vulnerability and threat-related communications for potential dissemination to warn WK employees of an emerging situation, focused on improving awareness
. Ensures information arising from incident response activities is communicated to the proper operational contacts for awareness and possible action
Other Duties:
Performs other duties as assigned by supervisor
Job Qualifications:
Minimum of 2-5 years of experience in SOC operations and security alert monitoring.
Experience in creating, managing, and dispatching incident tickets for security alerts. Experience in SOC monitoring, with working knowledge of SIEM tools such as LogRhythm, ArcSight, Splunk, McAfee Nitro, and AlienVault USM Anywhere.
Work location: In Office (subject to Flex Work Policy).
. 24×7 Active monitoring of Security events using SIEM (based on standard operating procedure).
. Monitoring network security events and taking appropriate action based on security policy.
. Perform detailed investigation on the alerts escalated by L1.
. Creating new rules, Dashboards, reports on different SIEM tools to detect new threats.
. Understand cyber-attack methods and perform analysis of security logs in an attempt to detect unauthorized behavior.
. Experience in performing Root Cause Analysis for data from SIEM
. Responsible for Incident Validation, Incident Analysis, Solution Recommendation
. Review the correlation rules and define the improvement plan. Fine tune the system.
. Stay current on IT security trends, intelligence and news.
. Handling escalations from L1 Analysts.
. Review Process, Compliance, Reports, KPIs.
. Familiarity with ITIL processes.
. Experience in phishing email analysis.
. Good understanding of security devices such as Firewall, IPS/IDS, Proxy, Email Gateway, WAF, and Antivirus.
. Experience in Cloud Security, Threat Hunting, Threat Intelligence, Malware Analysis, Incident Response, Trend & Pattern Analysis, and Machine Learning would be an added advantage.
. Assist with the development, revision, and maintenance of Run books, Standard Operating Procedures/ Knowledge base and Working Instructions related to IT Security.
. Monitors the health of data sources, checks all the tools, and reports any shortcomings immediately to the concerned team.
. Knowledge of servers and networking; good knowledge of cyberattacks and cyber threats.
. False positive mitigation and perform real-time analysis on all the integrated devices.
. Understanding of vulnerabilities in OS, applications, and network devices, and ability to perform vulnerability assessments.
. SIEM report analysis and preparation of daily/weekly/monthly and ad-hoc reports.
. Monitor external event sources for threat intelligence and actionable incidents.
. Follow Incident Management processes, including the SLA matrix and escalation matrix to resolver groups.
. Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.
. Must comply with any regulatory requirements.
. Experience dealing with senior leadership, both in leading calls and also in writing documentation.
Travel Requirements:
As directed by the supervisor
Physical Demands:
Should be able to travel to office and support the work necessary to accomplish successful deliverables within the role. No heavy lifting of equipment is required for this role.