Senior Security Analyst I, Incident Response

Singapore - Singapore

Monthly Salary: Not Disclosed

Posted on: 5 days ago

Vacancies: 1 Vacancy

Job Summary

This position is part of AbbVies Information Security & Risk Management (ISRM) team. We are here to put our partners in a position to succeed. We do it by providing the knowledge tools and support they need to effectively use data and technology while also effectively managing risk.

AbbVie Information Security is looking for a highly motivated diligent and skillful defender to join the Cyber Security Incident Response Team (CSIRT). The CSIRT working within the Cyber Security Operations (CSO) function is responsible for responding investigating containing eradicating and remediating security incidents. Join us as a Senior Security Analyst I Incident Response to support and improve our efforts to defend against adversaries and help our business continue to have remarkable impacts on peoples lives.

This highly technical role will be primarily responsible for responding to cyber security incidents escalated by the Cyber Security Operations Center (CSOC); driving containment eradication and recovery efforts; assisting in improving AbbVies threat detection capabilities; investigating ad-hoc cases; conducting threat hunts; and being a major contributor during critical cyber security incidents.

The ideal candidate must have prior experience with performing cyber security investigations including performing triage and analyzing large data sets as well as in depth knowledge of the latest threats tactics and techniques used by adversaries and how to identify them.

Responsibilities:

Act as a Tier 3 escalation point for cyber security incidents at AbbVie executing response plans and coordinating activity as needed
Identify process improvement opportunities and develop subsequent plans of action to resolve gaps with minimal management intervention or direction
Interpret and summarize technical information for presentation to non-technical business contacts (i.e. executive incident summaries)
Develop integrate improve cyber security incident response playbooks and documentation for the team
Identify capability gaps and assist in developing those capabilities or implementing technology as needed
Examine log system and malware data to assess incident scope and impact
Prepare formal reports on incident findings
Drive improvements in cyber security incident detection
Drive improvements in cyber security incident response automation capabilities
Act as a first responder for cyber security incidents during normal business/off-hours and on-call
Participate and conduct threat hunts as needed
Act as Incident Commander for Priority 3 incidents and Priority 2 incidents as required
Assist and drive cyber security awareness and education initiatives as needed

Qualifications :

Basic Qualifications

Demonstrated competency in log analysis or investigative activities in roles such as incident response threat intelligence security testing or threat/vulnerability response.
Knowledgeable on multiple technologies and systems that support CSOC and CSIRT services (e.g. SOAR SIEM IPS/IDS EDR etc.)
Expert level understanding of incident response terminology and methodologies
Advanced level understanding of Windows OS artifacts TCP/IP networking malware behaviors
Familiarity with ITIL concepts and services
Ability to author clear and concise incident reports
Ability to successfully professionally and respectfully interact with non-technical in-business contacts
Ability to work independently without direction for day-to-day activities
Willingness to be available as needed for major and critical incident response activities during off-hours; and be on-call as required
Capable of learning new concepts and processes quickly and adapting to a constantly changing environment
Education & Experience - Minimum of one of the following:
- Minimum of 8 years of IT experience with 6 years in a specialized information security role
- Bachelors Degree in computer science or related technical field and 6 years of IT experience
- Bachelors Degree in computer science or related technical field and 5 years of specialized information security experience
- Masters Degree in computer science or related technical field and 4 years of specialized information security experience

Desired Qualifications

Prior experience participating in major/critical or complicated cyber security incidents
Experience with incident response methodologies within enterprise cloud environments
Experience analyzing and pivoting on large sets of data with the ability to identify patterns anomalies and outliers
Familiarity with digital forensics concepts and tools malware reversal concepts and techniques and data loss and data protection concepts and processes
Familiarity with various scripting languages (e.g. PowerShell Python JavaScript)
Certifications consisting of any of the following: GIAC Forensic Examiner (GCFE) GIAC Forensic Analyst (GCFA) GIAC Reverse Engineering Malware (GREM) GIAC Network Forensic Analyst (GNFA) GIAC Advanced Smartphone Forensics (GASF)
4-year college degree in computer science or related technical field is preferred

Additional Information :

AbbVie is an equal opportunity employer and is committed to operating with integrity driving innovation transforming lives and serving our community. Equal Opportunity Employer/Veterans/Disabled.

US & Puerto Rico only - to learn more visit & Puerto Rico applicants seeking a reasonable accommodation click here to learn more:

Work :

Employment Type :

Full-time

Responsibilities:

Act as a Tier 3 escalation point for cyber security incidents at AbbVie executing response plans and coordinating activity as needed
Identify process improvement opportunities and develop subsequent plans of action to resolve gaps with minimal management intervention or direction
Interpret and summarize technical information for presentation to non-technical business contacts (i.e. executive incident summaries)
Develop integrate improve cyber security incident response playbooks and documentation for the team
Identify capability gaps and assist in developing those capabilities or implementing technology as needed
Examine log system and malware data to assess incident scope and impact
Prepare formal reports on incident findings
Drive improvements in cyber security incident detection
Drive improvements in cyber security incident response automation capabilities
Act as a first responder for cyber security incidents during normal business/off-hours and on-call
Participate and conduct threat hunts as needed
Act as Incident Commander for Priority 3 incidents and Priority 2 incidents as required
Assist and drive cyber security awareness and education initiatives as needed

Qualifications :

Basic Qualifications

Demonstrated competency in log analysis or investigative activities in roles such as incident response threat intelligence security testing or threat/vulnerability response.
Knowledgeable on multiple technologies and systems that support CSOC and CSIRT services (e.g. SOAR SIEM IPS/IDS EDR etc.)
Expert level understanding of incident response terminology and methodologies
Advanced level understanding of Windows OS artifacts TCP/IP networking malware behaviors
Familiarity with ITIL concepts and services
Ability to author clear and concise incident reports
Ability to successfully professionally and respectfully interact with non-technical in-business contacts
Ability to work independently without direction for day-to-day activities
Willingness to be available as needed for major and critical incident response activities during off-hours; and be on-call as required
Capable of learning new concepts and processes quickly and adapting to a constantly changing environment
Education & Experience - Minimum of one of the following:
- Minimum of 8 years of IT experience with 6 years in a specialized information security role
- Bachelors Degree in computer science or related technical field and 6 years of IT experience
- Bachelors Degree in computer science or related technical field and 5 years of specialized information security experience
- Masters Degree in computer science or related technical field and 4 years of specialized information security experience

Desired Qualifications

Prior experience participating in major/critical or complicated cyber security incidents
Experience with incident response methodologies within enterprise cloud environments
Experience analyzing and pivoting on large sets of data with the ability to identify patterns anomalies and outliers
Familiarity with digital forensics concepts and tools malware reversal concepts and techniques and data loss and data protection concepts and processes
Familiarity with various scripting languages (e.g. PowerShell Python JavaScript)
Certifications consisting of any of the following: GIAC Forensic Examiner (GCFE) GIAC Forensic Analyst (GCFA) GIAC Reverse Engineering Malware (GREM) GIAC Network Forensic Analyst (GNFA) GIAC Advanced Smartphone Forensics (GASF)
4-year college degree in computer science or related technical field is preferred

Additional Information :

AbbVie is an equal opportunity employer and is committed to operating with integrity driving innovation transforming lives and serving our community. Equal Opportunity Employer/Veterans/Disabled.

US & Puerto Rico only - to learn more visit & Puerto Rico applicants seeking a reasonable accommodation click here to learn more:

Work :

Employment Type :

Full-time

Key Skills

Security Management
Sensitive Information Management
Pressure Management
Risk Analysis
Access Control
Safety Procedures
Security Measures
Security Training
Risk Assessment
Access Point
Security Checks
Detect Signs
Safe Environment
Security System
Security Reports

Apply Now

About Company

AbbVie

AbbVie is a global biopharmaceutical company focused on creating medicines and solutions that put impact first for patients, communities, and our world. We aim to address complex health issues and enhance people's lives through our core therapeutic areas: immunology, oncology, neuro ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click