Job Description:

3+ years of information security experience in a large enterprise
Experience in analysing security breaches to understand the root cause, the extent of damage and identifying options for remediation.
Strong comprehension of IR technologies, malware, emerging threats as well as experience in a large corporate environment.
Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing, network & system security and the development of exploits
Strong technical understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.)
Strong experience with security products and technologies, primarily related to event and incident handling (e.g., SIEM, Security Analytics, HIDS/NIDS, AV, signature- and behaviour-based systems); experience using and configuring SIEM and Security Analytics solutions is desirable.
Experience in analysing network traffic behaviour and flow, including full packet capture, flow data, and network statistical data
Knowledge in using next generation cyber defence tools. Prior experience in using security analytics solutions and security log management platforms is a plus
Ability to write tools or scripts (e.g., Python, PERL, shell scripting) to automate analysis and enhance detection capability where required
Prior experience in a 24x7x365 operations environment
Excellent communication and stakeholder management skills, as well as strong security, risk and compliance acumen.
Ability to motivate team members to coordinate cross functional working teams across all areas of the business globally.
A proactive approach to promoting a cyber aware culture within the BHP workforce
Ability to self-motivate with minimal supervision or oversight.
An eagerness to learn and develop to grow as a cyber security professional
An overriding commitment to health, safety, environmental responsibility and sustainable development.
Responds to computer security incidents per the cybersecurity incident response policy
Drive a cyber aware culture within the BHP workforce.
Provides guidance to Technology support triage teams for handling information security incidents
Provides timely and relevant updates to appropriate stakeholders and decision makers
Validates and maintains incident response plans and processes to address potential threats
Compiles and analyzes data for management reporting and metrics
Analyzes potential impact of new threats and communicates risks to relevant business units
Identifies intrusion activity by leveraging alert data from multiple sensors and systems and determines priority for response.
Responds to security incident response activities (triage, root cause analysis, escalations, notifications, communication, etc.) and develops strategies to contain and eradicate the incident and recover operations efficiently.
Participates in periodic tabletop exercises to test the effectiveness of the incident response process.
Works in close collaboration with other cyber security teams (including the Level 2/3 response team) to share information and build a strong ecosystem for defending the organisation's information resources.
Provides recommendations for defining rules and malware signatures for enhanced detection and mitigation based on analysis.
Analyses and researches known indicators, correlates events, identifies malicious activity and discovers new sources to provide early warning of a variety of cyber threats.
Develops and maintains the evidence/data collection process, basing the investigation process and rigour on the type of incident being assessed. Additionally, carries out root cause analysis tasks.
Stays current with the incident response community to maintain/develop formal and informal sources of information and incorporate industry best practices where applicable.