Nomura Holdings, Inc.
Principal Information Security Specialist
Nomura Holdings, Inc., Indiana, Pennsylvania, us, 15705
Job Title: Principal Information Security Specialist
Job Code: 8210Country: INSkill Category: IT\TechnologyDivision Overview:The Global Information Security teams are responsible for the confidentiality, integrity and availability of the firm’s information and assets. Responsible for maintaining, communicating and raising awareness of the Policy. Facilitate the effective implementation and compliance of the firm’s policies.Business Unit Overview:The team’s focus is to serve as the single point of contact for all Information security related queries, concerns, and technologies. Provide a high standard of user and business support in a responsive and timely manner across all businesses, take responsibility and ownership for maintaining the global strategy and controls for the delivery and operational deployment of global security initiatives in a manner consistent with the common business goals and objectives.Technologies Covered:Exposure to Cloud, Endpoint, Application and network security investigations – like – NDR, IPS, EDR, ATP, Malware defences and detection development on these technologies.Threat hunting experience based on Static, Dynamic and Behaviour.Knowledge of common adversary tactics and techniques, e.g., obfuscation, persistence, Defense evasion, etc.Knowledge of Mitre ATT&CK framework preferred.Good experience (at least 5+ years) in IR and knowledge on handling advanced incident response.Exposure in query development for rule development on Elastic or any Data lake platform.Good understanding of network traffic logs from different systems with analysis including TCP/IP, routing, switching, protocols, etc.Strong understanding of Windows / Linux event log analysis.Good exposure in sharing management level incident communications.Excellent troubleshooting and analytical thinking skills.Excellent understanding of Malware Techniques and Malware analysis skills.Strong documentation and communication skills.Passion for all things information technology and information security.Natural curiosity and ability to learn new skills quickly.Skills & Experience:At least 4+ years of experience within a cybersecurity incident L3/ Advance investigation environment; experience in a leadership role is preferred.Experience in a security operations centre, or similar environment, and identifying indications of compromise or attack and responding to incidents.Position Specifications:Corporate Title:
AssociateFunctional Title:
Principal Information Security SpecialistExperience:
10 - 15 yearsQualification:
B.E / B.Tech / MCA / M.TechRequisition No:
8210 - Position ID - ITIND10015899Role & Responsibilities:8+ years of demonstrated experience in leading complex and advanced cyber security incident investigations.Drive efforts towards containment of threats and remediation of environment during or after an incident.Continuous improvement of overall Cyber Security Incident Response plan and tracking of lessons learned.Lead audit management responsibilities to ensure identified gaps are addressed in respect to required timing to reduce risk.Contribute to the development of use case and prioritization of use case development.Contribute to the process improvement process through development of new detections and changes in the response processes.Perform complex security investigations and root cause analysis.Perform Post Incident reviews and After-Action Reports.Assemble and coordinate with technical teams and third-party vendors to resolve incidents as quickly and efficiently as possible.Ensure that all incidents are recorded and tracked to meet audit and legal requirements where necessary.Function as stakeholder to strengthen the overall Response framework inclusive of SOC and Internal IR Teams.Mind Set:Mandatory:Mandatory hands-on experience on below mentioned Domains / Tools: (Must have Any One) - Elasticsearch (ELK) / Sqrrl / Crowd strike / Fireeye Mandiant HX / SOAR / Cloud Incident Response.Hands-on experience on Sysinternals / Sysmo.Hands-on experience with any Malware analysis tool like Cuckoo, Cisco threat grid, Threat connect.Strong knowledge of Cyber Detection technologies like (Advanced Threat Detection Tools, UEBA Tools, Network Packet Analysis, Endpoint Protection).Should be able to investigate Spam and Malware samples.Certifications Preferred: CISSP, CCSP, GCIH, GCFA.Desired:Strong communication skills, ability to work comfortably with different regions.Actively participate within internal project community.Good team player, ability to work on a local, regional and global basis and as part of joint cross-location initiative.Self-motivated, able to work independently and with a team.Able to perform under pressure.
#J-18808-Ljbffr
Job Code: 8210Country: INSkill Category: IT\TechnologyDivision Overview:The Global Information Security teams are responsible for the confidentiality, integrity and availability of the firm’s information and assets. Responsible for maintaining, communicating and raising awareness of the Policy. Facilitate the effective implementation and compliance of the firm’s policies.Business Unit Overview:The team’s focus is to serve as the single point of contact for all Information security related queries, concerns, and technologies. Provide a high standard of user and business support in a responsive and timely manner across all businesses, take responsibility and ownership for maintaining the global strategy and controls for the delivery and operational deployment of global security initiatives in a manner consistent with the common business goals and objectives.Technologies Covered:Exposure to Cloud, Endpoint, Application and network security investigations – like – NDR, IPS, EDR, ATP, Malware defences and detection development on these technologies.Threat hunting experience based on Static, Dynamic and Behaviour.Knowledge of common adversary tactics and techniques, e.g., obfuscation, persistence, Defense evasion, etc.Knowledge of Mitre ATT&CK framework preferred.Good experience (at least 5+ years) in IR and knowledge on handling advanced incident response.Exposure in query development for rule development on Elastic or any Data lake platform.Good understanding of network traffic logs from different systems with analysis including TCP/IP, routing, switching, protocols, etc.Strong understanding of Windows / Linux event log analysis.Good exposure in sharing management level incident communications.Excellent troubleshooting and analytical thinking skills.Excellent understanding of Malware Techniques and Malware analysis skills.Strong documentation and communication skills.Passion for all things information technology and information security.Natural curiosity and ability to learn new skills quickly.Skills & Experience:At least 4+ years of experience within a cybersecurity incident L3/ Advance investigation environment; experience in a leadership role is preferred.Experience in a security operations centre, or similar environment, and identifying indications of compromise or attack and responding to incidents.Position Specifications:Corporate Title:
AssociateFunctional Title:
Principal Information Security SpecialistExperience:
10 - 15 yearsQualification:
B.E / B.Tech / MCA / M.TechRequisition No:
8210 - Position ID - ITIND10015899Role & Responsibilities:8+ years of demonstrated experience in leading complex and advanced cyber security incident investigations.Drive efforts towards containment of threats and remediation of environment during or after an incident.Continuous improvement of overall Cyber Security Incident Response plan and tracking of lessons learned.Lead audit management responsibilities to ensure identified gaps are addressed in respect to required timing to reduce risk.Contribute to the development of use case and prioritization of use case development.Contribute to the process improvement process through development of new detections and changes in the response processes.Perform complex security investigations and root cause analysis.Perform Post Incident reviews and After-Action Reports.Assemble and coordinate with technical teams and third-party vendors to resolve incidents as quickly and efficiently as possible.Ensure that all incidents are recorded and tracked to meet audit and legal requirements where necessary.Function as stakeholder to strengthen the overall Response framework inclusive of SOC and Internal IR Teams.Mind Set:Mandatory:Mandatory hands-on experience on below mentioned Domains / Tools: (Must have Any One) - Elasticsearch (ELK) / Sqrrl / Crowd strike / Fireeye Mandiant HX / SOAR / Cloud Incident Response.Hands-on experience on Sysinternals / Sysmo.Hands-on experience with any Malware analysis tool like Cuckoo, Cisco threat grid, Threat connect.Strong knowledge of Cyber Detection technologies like (Advanced Threat Detection Tools, UEBA Tools, Network Packet Analysis, Endpoint Protection).Should be able to investigate Spam and Malware samples.Certifications Preferred: CISSP, CCSP, GCIH, GCFA.Desired:Strong communication skills, ability to work comfortably with different regions.Actively participate within internal project community.Good team player, ability to work on a local, regional and global basis and as part of joint cross-location initiative.Self-motivated, able to work independently and with a team.Able to perform under pressure.
#J-18808-Ljbffr