Job Overview

open roles: cyber security operations

location pune:

working model : hybrid

experience 3-5 years

job description:

1. assists with responding to computer security incidents according to the information security policies and industry best practices.

2. assists with coordinating the efforts of and provide timely updates to multiple business units during response.

3. contributes to a team of cyber security professionals working with threat data, writing non-complex reports, briefing event details to leadership, and coordinating remediation with personnel.

4. monitor information security related web sites (sans internet storm center, etc.) and mailing lists (bugtraq, etc.) to stay up to date on current attacks and trends.

5. perform basic analysis in support of intrusion detection operations . documents and escalates incidents, including event's history, status, and potential impact for further action, that may cause ongoing and immediate impact to the environment.

6. assists with incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation.

7. provides timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.

8. conducts research, analysis, and correlation across a wide variety of all source data sets (e.g., indications and warnings).

9. recognizes a possible security violation or deficiencies and take appropriate action to report the incident, as required

10. working on application security, logs maintenance, access review and dr plan preparations.

open roles: cybersecurity risk analyst

location pune:

working model : hybrid

experience 4-6 years

job description:

1. builds an understanding of manufacturing cybersecurity policies and industry data privacy principles.

2. participates in cybersecurity risk identification utilizing identified risk management frameworks while working with the team to evaluate severity and mitigation plans.

3. knowledge of india acts (e.g cert-in,itgc, it act etc.) in a manner specific to cummins processes and controls.

4. assists in promotion of cybersecurity awareness.

5. assists with responding to computer security alerts, events and incidents if any & coordinating the efforts of and provide timely updates to respective business units during the response.

6. contributes to a team of cyber security professionals working with threat data, writing non-complex reports

7. recognizes a possible security violation or deficiencies and report to the cyber governance team.

8.understanding a variety of security and compliance policies and incident response processes; working with respective business units to determine sensitive data that needs to be protected with the dlp technology.

9.knowledge of core information security concepts related to governance, risk & compliance

10. familiarity with networks and enterprise architecture

11. excellent interpersonal, verbal, and written communication skills with the ability to communicate security risk and compliance related concepts to a broad range of technical and non-technical staff

12. ability to maintain incident and process documentation

13. ability to identify and translate data loss risks and planning mitigation into dlp policy rules

14. understand and apply security knowledge to concepts of data at rest, data in motion, and data in use

15. conduct analysis and complete reporting on dlp metrics, trends, and anomalies

16. assisting business it teams in creating the asset inventories, updating the drawings.

17. assisting business it teams in creating the architecture review documents for new and upgradation projects

open roles: vulnerability management analyst

location pune:

working model : hybrid

experience 3-4 years

job description:

1. skilled and detail-oriented vulnerability management analyst to support our cybersecurity team in identifying, tracking, and remediating software vulnerabilities and end-of-life (eol) operating systems.

2. the successful candidate will work closely with application teams, site bisos, and other stakeholders to ensure compliance and risk mitigation.

vulnerability remediation:

1.conduct regular meetings with the organization's corporate, manufacturing, and site application teams to discuss vulnerabilities.

2.track and report vulnerability remediation efforts across various teams.

3.provide regular tracking metrics and updates to application teams and the cybersecurity team.

4. end-of-life (eol) operating system management:

5. develop and maintain reporting dashboards using tenable to track eol os efforts.

6. monitor priorities, including bcc1, dmz, end of support systems, and assets still on the network.

7. track exceptions and short-term extension requests related to eol os.

8. collaborate with site cisos to ensure compliance with security policies and mitigate risks.

9. tenable security platform utilization:

10. complete formal tenable training and certification within the first year.

11. utilize tenable for producing vulnerability reports for different audiences.

12. review vulnerability status and initiate scans as needed.