
Hexagon is a global leader in sensor, software and autonomous solutions. We are putting data to work to boost efficiency, productivity, and quality across industrial, manufacturing, infrastructure, safety, and mobility applications. Our technologies are shaping urban and production ecosystems to become increasingly connected and autonomous – ensuring a scalable, sustainable future.

Hexagon’s PPM division empowers its clients to transform unstructured information into a smart digital asset to visualize, build, and manage structures and facilities of all complexities, ensuring safe and efficient operation throughout the entire lifecycle.

Hexagon (Nasdaq Stockholm: HEXA B) has approximately 21,000 employees in 50 countries and net sales of approximately 3.8bn EUR. Learn more at hexagon.com and follow us @HexagonAB.


© 2021 Hexagon AB and/or its subsidiaries and affiliates. All rights reserved.

Responsibilities

  • Lead content and process development for existing and new cyber defense tools; Lead creation and validation of signatures or Indicators of Compromise (IOCs) in response to new or observed threats.
  • Lead cross-functional teams to resolve computer security incidents, to improve the security posture of McAfee’s infrastructure and vulnerability compliance.
  • Perform event correlation using information gathered from a variety of sources to gain situational awareness to detect, confirm, contain, remediate, and recover from attacks.
  • Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
  • Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information; Perform root cause analysis to determine tactics, techniques, and procedures (TTPs) for intrusions.
  • Notify Security Operations managers and cyber incident responders of suspected cyber incidents in accordance with the cyber incident response plan and procedures.
  • Exercise a user-oriented approach while handling security incidents to ensure that user impact is minimized as much as possible and the situation is well articulated to users.
  • Document ongoing incidents, write after-action reports, and escalate incidents.
  • Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
  • Monitor external data sources to maintain currency of cyber defense threat conditions and determine which security issues may have an impact on the enterprise.
  • Support Incident Response efforts - evidence collection, documentation, communications, and reporting.
  • Responsible for the enforcement of corporate information security policies to protect McAfee's information assets and intellectual property.
  • Lead or contribute to security risk assessments that determine threats, consequences, and vulnerabilities to key assets, products, and services.
  • Recommend and drive additional security controls to meet current and future needs.

Qualifications

  • 5+ years of experience in Security Operations environment
  • Exercising solid critical thinking and analytical skills
  • Leading efforts during one or more phases of Incident Response lifecycle
  • Application of cybersecurity principles and risk management basics to mitigate risk
  • Leading & collaborating with multiple teams to drive improvements and resolutions
  • Cloud security monitoring – detection and response (AWS, GCP, and Azure)
  • Mentoring junior analysts and improving security technologies & processes
  • You have taken initiatives to drive improvements for security technologies and processes
  • Outstanding knowledge of the Security Operation Center (SOC) & the Information Security Common Body of Knowledge and best practices
  • Excellent knowledge of process automation and use of SIEM & SOAR tools
  • Ability to improvise as newer threats emerge and guide team on threat hunting
  • Preferred certifications: GCIH, GCFA, CEH, Network+, Security+, cloud service provider certifications or equivalent industry standard certifications

Preferred Qualifications

  • Familiarity with Rapid7 suite of tools
  • Familiarity with Crowdstrike suite of tools
  • Familiarity with SumoLogic, Splunk or other log aggregation tools
  • Familiarity with Microsoft Active Directory
