Sammanfattning
About the Role
Major accountabilities:
- Talent and Growth.
- Manage and mentor associates and team leaders.
- Plan and implement technical and nontechnical development strategies for continuous development of CSOC analysts and leaders strategy and direction.
- Automation engineering service involves planning, developing, testing, operationalizing, and tuning automation content for CSOC functions like detection, investigation, hunting, forensics, and engineering.
- Plan, develop, test, operationalize, and maintain CSOC ticketing for all teams.
- Define and measure performance and effectiveness KPIs; develop and deliver timely reporting to CSOC stakeholders and senior leaders.
- Interface with other CSOC stakeholders to align on initiatives; proactively gather feedback; adjust and improve service continuously.
- Research new tools and techniques to improve overall CSOC ability to monitor, detect, and respond to cyber threats.
- Monitor health of automation content to detect outages, spikes, or other anomalies that may impact CSOC performance.
Key performance indicators:
- Evaluate and review SOAR team performance
- Effectively and efficiently design and implement process automations, create supporting technical documentation and redundancy controls.
- Accurately troubleshoot to diagnose and resolve problems with process automations, case management issues, scripts, and other custom solutions that support CSOC operations.
- Identify technology and process gaps that affect CSOC services; develop solutions and make recommendations for continuous improvement.
- Good cultural orientation and strong influencer of information risk management, information security, IT security, to be embedded across IT, OT and Medical Technologies.
Minimum Requirements:
Experience:
- 10+ Years work experience.
- 4+ Years Python scripting or other similar coding experience.
- Experience with Python and Splunk.
- Experience planning, designing, developing, and testing automation solutions with SOAR platforms (Cortex, Phantom, FortiSOAR, etc).
- Experience developing solutions with SIEM tools (Splunk, QRadar, Sentinel, etc.).
- Experienced IT administration with broad and in-depth technical, analytical and conceptual skills.
- Experience in reporting to and communicating with senior level management (with and without IT background, with and without in-depth risk management background) on incident response topics.
- Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related and incident response concepts to technical as well as nontechnical audiences.
- Proven experience to initiate and manage projects that will affect CSOC services and technologies.
Skills:
- Understanding of SOAR architecture components, including technology integrations, common automation scenarios and solutions.
- Understanding of configuration files and relationship between GUI configuration and backend configuration file impact.
- Experience with software development lifecycle and user acceptance testing.
- An understanding of error messages and logs displayed by various software.
- Ability to troubleshoot, diagnose and solve issues independently.
- Self-learner, ability to document learning as experience is gained.
- Understanding of network protocols and topologies.
- Strong technical troubleshooting and analytical skills.
- Experience with platform and application automated deployment and version control software e.g. (Ansible, Git, Bitbucket).
- A knowledge of the MITRE ATT&CK framework is beneficial.
- Ability to prioritise workload.
- Excellent written and spoken English.
- Calm and logical approach.
Languages :
- English.
Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients’ lives. Ready to create a brighter future together? https://www.novartis.com/about/strategy/people-and-culture
Join our Novartis Network: Not the right Novartis role for you? Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network
Benefits and Rewards: Read our handbook to learn about all the ways we’ll help you thrive personally and professionally: https://www.novartis.com/careers/benefits-rewards