Job Description

Location:

Condé Nast is a global media company home to iconic brands including Vogue The New Yorker GQ Glamour AD Vanity Fair and Wired among many others. The companys award-winning content reaches 84 million consumers in print 367 million in digital and 379 million across social platforms and generates more than 1 billion video views each month. The company is headquartered in London and New York and operates in 32 markets worldwide including China France Germany India Italy Japan Mexico & Latin AmericaRussia Spain Taiwan the U.K. and the U.S. with local licence partners across the globe.

The Conde Nast 24/7/365 global Security Operations Centre (SOC) underpins Conde Nasts security posture and enhances the organisations security profile. The SOC leverages new and existing tools solutions and capabilities to provide dedicated Threat detection and Analysis Infrastructure Event Monitoring with Security Incident Management and

Vulnerability deliver the above we are recruiting for an Engineer II Security Operations to join our Security Operations Centre (SOC). The Engineer II Security Operations reports to the Manager Security Operations and as part of the Conde Nast SOC will focus on providing real-time security event monitoring and security incident detection response and remediation using NDR XDR SIEM and other security management tools

This role is critical to providing;

• Security Event Monitoring

• Event Triage and Escalation

• Threat monitoring and management

• Threat Hunting

• Security Incident Analysis and Response

• Escalation point for Associate Engineer Security Operations (SOC)

Job Description

Location: Chennai TN

About The Role:

Condé Nast is looking for an experienced engineer to join and help us build the next generation of our digital products. You will work closely with our product teams and help the engineering team in their shared mission to scale out and build our public-facing platform. These teams focus spans many types of products essential to both editors other engineers and subscribers. Your work will drive the future of Condé Nasts digital strategy in todays publishing market and reach our millions of readers around the world.

About Responsibilities:

• Minimum 5 years Security Operations Centre experience with a minimum of 4 years hands-on experience with event and incident monitoring and management toolsservices and solutions to deliver SOC services.

• Experience of providing SOC services in a 24/7/365 service delivery environment with shift rotas.

• Perform L2 investigation and triage of alerts from SIEM EDR NDR WAF and cloud-native security tools.

• Respond to and handle security alertsevents and incidents including but not limited to phishing malware ransomware account compromise insider threats and cloud misuse.

• Perform incident containment remediation coordination and closure within defined SLAs.

• Collaborating with colleagues and key stakeholders within and outside your own department or function to support the delivery of vulnerability remediation and patching.

• Supporting SIEM platforms by collaborating on building playbooks that ensure appropriate log source integrations and fine-tuning.

• Assist as required Vulnerability Management engineer by coordinating and monitoring activities in relevant areas of the VM program such as security patch and remediation management.

• Work with Security Engineers to ensure all security tools and solutions are appropriately configured and maintained to provide Security Operations with visibility into assets environments and users.

• Threat Hunting - participate in threat management by supporting the gathering and use of threat intelligence (IOCs updated rules etc.) to identify affected systems and the scope of the threat landscape

• Ensure identified Threats are catalogued processed and logged with contingent plans agreed with the Security Operations manager

Experience:

• Experience of monitoring and responding to events and incidents using Network

• Detection and Response (NDR) EDR/XDR

• Experience with SIEM solutions (Splunk or other)

• Demonstrable ability to perform L2 investigation and triage of alerts from SIEM EDR NDR WAF and cloud-native security tools

• Understanding of cloud platforms (AWS Google Cloud MS Azure)

• Hands-on experience of SOAR and associated solutions (Demisto/InsightConnect/Swimlane/IBM Security Resilient)

• Good working knowledge and hands-on experience of cyber defensive and offensive techniques malware families and adversary tactics techniques and procedures MITRE ATT&CK NIST Frameworks

• Monitoring and investigating alerts from cloud-native tools: AWS GuardDuty and

GCP Security

• Detect and respond to: IAM abuse credential compromise privilege escalation publicly exposed cloud resources (S3/Blob buckets databases APIs) and suspicious API calls and other anomalous cloud activity.

• Support remediation of cloud misconfigurations and cloud security best practices

• Sound understanding of how Host/Network IPS/IDS and DLP solutions contribute to protecting an organisation

• Working knowledge of AWS / Azure / GCP.

• Good understanding of email security and phishing analysis

• Knowledge of ServiceNow Jira and Confluence.

• Any experience of endpoints telemetry analysis Malware analysis and understanding of Exploit kits

• Good communication skills

• Experience of working in a fast-paced globally dispersed environment

• Good analytical problem-solving and interpersonal skills

Educational Qualifications:

• in technology.

• Security Certifications are a bonus - CompTia Security

• CySA CISSP any cloud

• Security SSCP or similar

What happens next

If you are interested in this opportunity please apply below and we will review your application as soon as possible. You can update your resume or upload a cover letter at any time by accessing your candidate profile.

Condé Nast is an equal opportunity employer. We evaluate qualified applicants without regard to race color religion sex sexual orientation gender identity national origin disability veteran status age familial status and other legally protected characteristics.