Synchronoss Technologies (Nasdaq: SNCR) builds software that empowers companies around the world to connect with their subscribers in trusted and meaningful ways. The company’s collection of products helps streamline networks, simplify onboarding, and engage subscribers to unleash new revenue streams, reduce costs and increase speed to market. Hundreds of millions of subscribers trust Synchronoss products to stay in sync with the people, services, and content they love. That’s why more than 1,500 talented Synchronoss employees worldwide strive each day to reimagine a world in sync.
How you will help:
The Cybersecurity Incident Response Team (CSIRT) under the Global Information Security (GIS) team is responsible for coordinating with IT, Legal, Human Resources, and other appropriate business units to gather incident details, assess impact, and coordinate response. This role interacts with all levels of the organization, particularly within the IT organization, and is viewed as a subject matter expert on Incident Response. The focus of the role is primarily responding to security incidents, managing and consistently maturing the security incident response process, and building CSIRT’s technical investigative capabilities (process & technology). The role also involves securing both cloud and on-premises infrastructures, analyzing metrics and log data to filter out suspicious activity, and finding and mitigating risks before incidents occur. If an incident does occur, security analysts are on the front line, leading efforts to counter the attack. You will identify and resolve security incidents and design supportable technical solutions which protect the availability, integrity, and confidentiality of sensitive information and assets. This role is a key contributor in supporting all compliance initiatives including but not limited to PCI, SOX and PII.
- Monitor and investigate security alerts, events and suspicious activity detected on the Synchronoss enterprise and customer platforms. This includes log analysis, engaging appropriate teams and following escalation process.
- Document findings, mitigation steps and track issues to final resolution.
- Represent the Security Operations Center on incident bridge calls providing technical expertise related to cyber security
- Participate in risk evaluation and management of those risks.
- Analyze current security controls for effectiveness and suggest improvements where applicable.
- Serve as one of the global escalation points for cybersecurity incidents not resolved at the L1 levels.
- Providing forensic analysis in support of investigations including evidence seizure (artifacts) and data recovery.
- Perform Threat Hunting tasks to proactively detect advanced threats that evade traditional security solutions and develop SIEM alerts based on findings.
- Participate in the planning and execution of purple team testing and IR tabletop exercises. Provide input to results and assist with the creation and refinement of Incident Response Run books.
- Identify key Indicators of Compromise (IOCs) from new or unknown malware and develop rules and signatures for detection.
- Assessing security risks to the organization's information and communications systems.
- Researching the latest information security trends to understand the latest vulnerabilities and threats.
- Providing artifacts to Governance Risk & Compliance (GRC) team in relation to internal & external audits.
5+ years of hands-on experience with a focus in areas such as systems, network, or information security / cybersecurity with 5+ years of cybersecurity Incident Response experience
- Experience in maintaining, configuring, and troubleshooting a SIEM infrastructure such as LogRhythm or QRadar.
- Creating and maintaining alarm rules, use cases, filters, dashboards, and reports to identify malware activity, misconfigurations, and/or anomalies
- Incident Response Run book design on ServiceNow SecOps module.
- Experience participating in blue, purple team & IR tabletop exercises.
- Must have experience with analysis of network traffic, application logs and endpoint artifacts.
- Experience working on Cloud (AWS)/Network Security technologies – AWS Security Groups, Firewalls, VPN, IDS, IPS, proxies, WAF, NAC etc.
- Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture.
- Experience working with AWS & Docker container security solutions.
- Ability to analyze data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
- Self-starter, work independently and adjust to changing priorities, critical and strategic thinker, negotiator and consensus builder.
- PCI, PII, SOX and SOC2 audit experience.
- Integrating log sources for custom applications into SIEM and associated troubleshooting.
- Scripting skills such as Python, Perl, Shell, Bash.
- Preferred Information Security professional certifications such as CISM, CISA, GSEC, GMON, CEH.
Competitive Salary + Bonus
- Flex Time PTO
Synchronoss is proud to be an equal opportunity employer. As a global company, we value and celebrate diversity and are committed to a workplace free from discrimination and harassment. We take pride in fostering an inclusive environment based on mutual respect and merit. We are at our best when our workforce is dynamic in thought, experience, skill set, race, age, gender, sexual orientation, sexual expression, national origin and beyond.