Incident Response Specialist - Cybersecurity @ Varian Medical Systems

Job Description

Together, we can beat cancer.
At Varian, we bring together the world's best talent to realize our vision of a world without fear of cancer. Together, we work passionately to develop and deliver easy-to-use, efficient oncology solutions. If you want to be part of this important mission, we want to hear from you.
We are hiring an Incident Response Specialist who has technical and coordination responsibilities for managing Cybersecurity Incidents . In this function you support the definition and improvement of processes and procedures for Incident Detection, provide the technical expertise to address demands of the Respond and Recover phases of Incident Response, and you drive the continuous improvement phase of the Incident Response Process.
Tasks and Responsibilities
The position will bring a mix of the following tasks and responsibilities:

• Assess, triage, and prioritize security-relevant events from logging and monitoring systems.
• Coordinate and lead Incident Response taskforces and provide technical expertise, working with different business functions such as IT Operations, HR, Legal, Data Privacy, Corporate Communications and Product Security.
• Document and track cybersecurity incidents through their entire lifecycle, from initial detection, triage, response to final resolution and improvements.
• Derive immediate mitigation measures for containment, eradication, and recovery of cybersecurity incident and keep track of its implementation progress during incident response task forces.
• Consume threat intelligence to detect, triage and remediate malware, threats and adversarial activity.
• Develop and carry out regular threat hunting (proactive) activities, making sure learnings are properly documented and propagated to neighboring teams and functions.
• Leverage threat hunting to create and maintain Situational Awareness for related company functions such IT operations, security architects, or service providers.
• Perform analysis of different log files and data sources to identify adversarial activity and anomalies.
• Assess newly arising vulnerabilities and Tactics, Techniques and Procedures (TTPs) to define defensive measures to detect and disrupt adversarial actions. Coordinate with neighboring functions to ensure those measures are turned into actionable changes.
• Collect forensic artifacts, analyze, reverse engineer, and document findings on malicious payloads so that indicators of compromise and information about threats origin and intents are properly disseminated and acted upon.
• Use industry standards to produce and disseminate our own Threat Intelligence to our internal counterparts and external partners.
• Consider business aspects to support an adequate triage and prioritization of cybersecurity incidents, whilst ensuring root-cause are properly clarified. Communicate findings and possible improvement measures in an actionable way.
• Operate and drive continuous improvement to SOC playbooks to protect company personnel, businesses, and assets.
• Document and communicate abstracts and consolidated incident-related findings and trends to support security architecture and security awareness functions.
• Understand and employ defense-in-depth principles and practices to create and maintain defense mechanisms.

Qualifications
Experience: 5+ years of relevant work experience
Education: Bachelor's Degree in computer science. Relevant Industry Certifications such as SANS/GIAC (for example, GCIA, GCIH, GNFA, GCFA), CompTIA Security+ CISSP, CISA, CISM are desirable.
Technology: Cybersecurity, , Cyber Threats & Vulnerability Assessment
Knowledge of relevant technological aspects for this position. The ideal candidate should bring a mix of expertise in (a subset of) the following areas:

• Computer networking concepts and protocols, and network security methodologies

• Risk management processes and methods for assessing and mitigating risk
• Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. Cybersecurity and how it impacts privacy principles.
• Knowledge of cyber threats and vulnerabilities: how to properly identify, triage, and remediate threats based on threat intelligence as well as on analysis of log data and network traffic.
• Host/network access control mechanisms (e.g., access control list, capabilities lists).
• System administration, network, and operating system hardening techniques.
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Incident categories, incident responses, and timelines for responses.
• Incident response and handling methodologies.
• Intrusion detection methodologies and techniques for detecting host and network-based intrusions.
• Network traffic and packet-level analysis.
• System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, code and command injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Experience with Malware analysis, sandboxes, reverse engineering, and tools such as Radare2, OllyDbg, and Hex-Rays IDA Pro.

• Experience with operating system security controls on common platforms such as Linux, Windows.
• Experience with scripting languages (e.g., Python, Bash or PowerShell) and using REST API, as well as data processing, regular expressions, and console-based text processing tools (e.g., sed, awk, jq)

• Models to describe and document cyber-attacks (e.g., reconnaissance, scanning, enumeration, persistency, lateral movement, exfiltration) such as Cyber Kill Chain or MITRE ATT&CK
• Cloud service models and how those models can limit incident response.
• Application Security Risks (e.g. Open Web Application Security Project Top 10 list).

Personality Traits

• Negotiation skills and ability to set and track priorities and deadlines.
• Able to work on a very tight schedule, while keeping track of tasks progress and deadlines.
• Able to structure complex problems and find practicable solutions to those.
• Team player but also able to work on an individual basis.
• Self-learning and curiosity to keep pace with the ever-evolving cybersecurity developments are highly appreciated.
• Advanced English and Communication skills: clear and concise communication able to address stakeholders of different backgrounds and technical expertise.

Soft Skills Requirements

• Collaboration & Customer Orientation (++)
• Intercultural Sensitivity (+)
• Team Development (+)
• Ability to multi-task and handle multiple assignments simultaneously, while focusing on delivery quality (++)
• Ability to use initiative when needed (self-motivation and proactive attitude) (++)
• Excellent communication skills (both written and verbal) in English (++)
• Quick learner and aptitude to get into new technologies and architectures (++)

Fighting cancer calls for big ideas.
We envision a world without fear of cancer. Achieving this vision takes dedication and commitment from all of us, every single day. That's why we celebrate and value the distinctly beautiful and intersectional identities of each of our employees. We are a mirror of our patient-base, which allows us to innovate. Big ideas come from everywhere, and the best ideas are fostered by our unique individual experiences. At Varian, we encourage you to bring your whole self to work and believe your bold and authentic perspective will help to power more victories over cancer.
#TogetherWeFight

Employement Category:

Employement Type: Full time
Industry: Medical Transcription
Functional Area: IT
Role Category: Software Engineer
Role/Responsibilies: Incident Response Specialist - Cybersecurity

Contact Details:

Company: Varian Medical Systems
Location(s): Pune

+ View Contact

×

Login

Candidates can login here to view contacts and apply.

Sign In Sign Up

Email:

Password:

Password too short

To create your profile, apply for a job or make a registration

Sign In Close

Your name (*)

Email (*)

Mobile (*)

Preferred City (* max. 2 w/comma)

Designation / Expected Role

Current / Recent Company (*)

Experience (*)

0 - 1 Yrs 1 - 2 Yrs 2 - 3 Yrs 3 - 4 Yrs 4 - 5 Yrs 5 - 6 Yrs 6 - 7 Yrs 7 - 8 Yrs 8 - 9 Yrs 9 - 10 Yrs 10 - 11 Yrs 11 - 12 Yrs 12 - 13 Yrs 13 - 14 Yrs 14 - 15 Yrs 15 - 16 Yrs 16 - 17 Yrs 17 - 18 Yrs 18 - 19 Yrs 19 - 20 Yrs 20 - 21 Yrs 21 - 22 Yrs 22 - 23 Yrs 23 - 24 Yrs 24 - 25 Yrs 25 - 26 Yrs 26 - 27 Yrs 27 - 28 Yrs 28 - 29 Yrs 29 - 30 Yrs 30+ Yrs

Expected Salary (*)

Rs 0 - 50K PM Rs 50K - 1 LPA Rs 1.0 - 1.5 LPA Rs 1.5 - 2.0 LPA Rs 2.0 - 2.5 LPA Rs 2.5 - 3.0 LPA Rs 3.0 - 3.5 LPA Rs 3.5 - 4.0 LPA Rs 4.0 - 4.5 LPA Rs 4.5 - 5.0 LPA Rs 5 - 6 LPA Rs 6 - 7 LPA Rs 7 - 8 LPA Rs 8 - 9 LPA Rs 9 - 10 LPA Rs 10 - 12 LPA Rs 12 - 14 LPA Rs 14 - 16 LPA Rs 16 - 18 LPA Rs 18 - 20 LPA Rs 20 - 22 LPA Rs 22 - 24 LPA Rs 24 - 26 LPA Rs 26 - 28 LPA Rs 28 - 30 LPA Rs 30 - 32 LPA Rs 32 - 34 LPA Rs 34 - 36 LPA Rs 36 - 38 LPA Rs 38 - 40 LPA Rs 40 - 42 LPA Rs 42 - 44 LPA Rs 44 - 46 LPA Rs 46 - 48 LPA Rs 48 - 50 LPA Rs 50 - 75 LPA Rs 75 Lakh - 1C PA Rs 1 Crore+ PA

Desired Industry (*):

Accounting / Finance Advertising / MR / PR / Events Agriculture / Dairy Animation / Multimedia Architecture / Interior Design Astrology Automobile / Auto Ancillaries / Auto Components Aviation / Airline / Aerospace / Aeronautical Banking / Financial Services / Broking BPO / Call Center / ITeS Brewery / Distillery Broadcasting Cement / Building Material Chemical / Petro / Plastic / Rubber / Glass Consumer Electronics / Appliances / Durables Courier / Transportation / Freight Defence / Government Education / Teaching / Training Electricals / Switchgears Engineering / Construction / Cement / Metals Environment / Waste Management Export / Import / Trading Facility Management Fertilizers / Pesticides FMCG / Foods / Beverage Food Processing Furnishings / Ceramics / Sanitaryware / Electricals Gems / Jewellery Gifts / Toys / Stationary Government / Departmental Heat Ventilation / Air Conditioning Hotel / Restaurant Industrial Design Industrial Products / Heavy Machinery Insurance Internet / E-Commerce IT - Hardware / Networking IT - Software / Services KPO / Research / Analytics Leather / Leather Products Legal / Courts Logistics / Courier / Transportation Management Consulting / Strategy Manufacturing / Production Matrimony / Matchmaking Media / Entertainment Medical / Healthcare / Hospital Merchant Navy Metal / Iron / Steel MFI - Micro Finance Military / Police / Arms Ammunition Mining / Quarrying NBFC-Non Banking Financial Services NGO / Social Work Office Equipment / Automation Not Mentioned Paint / Art / Sculpture / Craft Paper / Wood Personal Care / Beauty Pharma / Biotech / Clinical Research Politics Power / Energy / Oil / Gas / Petroleum Printing / Publishing / Packaging Quality Certification Real Estate / Property Recruitment Services / RPO Religion / Spirituality Retail Security / Detective Services Semiconductors / Electronics Shipping / Marine Telecom / ISP Textile / Garments / Fashion Travel / Tourism / Hotels / Airlines / Railways Unskilled Labor / Domestic Help Veterinary Science / Pet Care Sports / Fitness / Beauty

Functional area / Department (*):

Accounts / Finance / Tax / CS / Audit Agent / Agency Analytics & Business Intelligence Architecture / Interior Design Banking / Insurance Beauty / Fitness / Spa Services Content / Journalism Corporate Planning / Consulting CSR & Sustainability Engineering Design / R&D Export / Import / Merchandising Fashion / Garments / Merchandising Guards / Security Services Hotels / Restaurants HR / Administration / IR IT- Hardware / Telecom / Technical Staff / Support IT Software - Application Programming / Maintenance IT Software - Client Server IT Software - DBA / Datawarehousing IT Software - E-Commerce / Internet Technologies IT Software - Embedded /EDA /VLSI /ASIC /Chip Des. IT Software - ERP / CRM IT Software - Mainframe IT Software - Middleware IT Software - Mobile IT Software - Network Administration / Security IT Software - Other IT Software - QA & Testing IT Software - System Programming IT Software - Systems / EDP / MIS IT Software - Telecom Software ITES / BPO / KPO / Customer Service / Operations Legal Marketing / Advertising / MR / PR Pharma / Biotech / Healthcare / Medical / R&D Packaging Production / Maintenance / Quality Purchase / Logistics / Supply Chain Sales / BD Secretary / Front Office / Data Entry Self Employed / Consultants Shipping Site Engineering / Project Management Teaching / Education Top Management Ticketing / Travel / Airlines TV / Films / Production Web / Graphic Design / Visualiser Other Areas

Enter Skills (key skills, subjects, technologies & roles to use in search)

Write briefly about yourself, your experience and education (*)

Attach Resume  Max 2.38 MB (RTF, PDF, DOC, DOCX formats only parsed)

Please, check the file size and type.

Add social media [ + ]

Create password

I agree with website service terms and conditions

Sign Up Close

Candidates are expected to provide most recent and accurate profile information, inappropriate content is strictly prohibited!