REQ-10027419
Nov 06, 2024
India

Summary

The Automation Engineering Service is integral to CSOC operations, encompassing the planning, development, testing, operationalization, and tuning of automation content for functions such as detection, investigation, hunting, forensics, and engineering. Responsibilities include planning, developing, testing, operationalizing, and maintaining CSOC ticketing systems for all teams, defining and measuring performance KPIs, and delivering timely reports to CSOC stakeholders and senior leaders. The role necessitates interfacing with various CSOC stakeholders to align initiatives, gather feedback, and continuously enhance services. Additionally, it involves researching new tools and techniques to bolster CSOC’s capabilities in monitoring, detecting, and responding to cyber threats, as well as monitoring the health of automation content to detect anomalies that could impact CSOC performance.

About the Role

Major accountabilities:

  • Talent and Growth.
  • Manage and mentor associates and team leaders.
  • Plan and implement technical and nontechnical development strategies for continuous development of CSOC analysts and leaders strategy and direction.
  • Automation engineering service involves planning, developing, testing, operationalizing, and tuning automation content for CSOC functions like detection, investigation, hunting, forensics, and engineering.
  • Plan, develop, test, operationalize, and maintain CSOC ticketing for all teams.
  • Define and measure performance and effectiveness KPIs; develop and deliver timely reporting to CSOC stakeholders and senior leaders.
  • Interface with other CSOC stakeholders to align on initiatives; proactively gather feedback; adjust and improve service continuously.
  • Research new tools and techniques to improve overall CSOC ability to monitor, detect, and respond to cyber threats.
  • Monitor health of automation content to detect outages, spikes, or other anomalies that may impact CSOC performance.

Key performance indicators:

  • Evaluate and review SOAR team performance
  • Effectively and efficiently design and implement process automations, create supporting technical documentation and redundancy controls.
  • Accurately troubleshoot to diagnose and resolve problems with process automations, case management issues, scripts, and other custom solutions that support CSOC operations.
  • Identify technology and process gaps that affect CSOC services; develop solutions and make recommendations for continuous improvement.
  • Good cultural orientation and strong influence in embedding information risk management, information security, and IT security across IT, OT and Medical Technologies.

Minimum Requirements:
Experience:

  • 10+ Years work experience.
  • 4+ Years Python scripting or other similar coding experience.
  • Experience with Python and Splunk.
  • Experience planning, designing, developing, and testing automation solutions with SOAR platforms (Cortex, Phantom, FortiSOAR, etc).
  • Experience developing solutions with SIEM tools (Splunk, QRadar, Sentinel, etc.).
  • Experience in IT administration with broad and in-depth technical, analytical and conceptual skills.
  • Experience in reporting to and communicating with senior level management (with and without IT background, with and without in-depth risk management background) on incident response topics.
  • Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related and incident response concepts to technical as well as nontechnical audiences.
  • Proven experience initiating and managing projects that affect CSOC services and technologies.

Skills:

  • Understanding of SOAR architecture components, including technology integrations, common automation scenarios and solutions.
  • Understanding of configuration files and relationship between GUI configuration and backend configuration file impact.
  • Experience with software development lifecycle and user acceptance testing.
  • An understanding of error messages and logs displayed by various software.
  • Ability to troubleshoot, diagnose and solve issues independently.
  • Self-learner, ability to document learning as experience is gained.
  • Understanding of network protocols and topologies.
  • Strong technical troubleshooting and analytical skills.
  • Experience with platform and application automated deployment and version control software (e.g. Ansible, Git, Bitbucket).
  • A knowledge of the MITRE ATT&CK framework is beneficial.
  • Ability to prioritise workload.
  • Excellent written and spoken English.
  • Calm and logical approach.

Languages:

  • English.

Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients’ lives. Ready to create a brighter future together? https://www.novartis.com/about/strategy/people-and-culture

Join our Novartis Network: Not the right Novartis role for you? Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network

Benefits and Rewards: Read our handbook to learn about all the ways we’ll help you thrive personally and professionally: https://www.novartis.com/careers/benefits-rewards

Operations
CTS
India
Hyderabad (Office)
Technology Transformation
Full time
Regular
No

Dir. DDIT ISC CSOC Automation Engineering
