Senior Specialist DDIT ISC Detection & Response

Job details

**Summary**:
**About the Role**:
**MAJOR ACCOUNTABILITIES**

In addition to accountabilities listed above in Job Description:

- Security Monitoring and Triage
  - Monitor in real time security controls and consoles from across the Novartis IT ecosystem
  - Communicate with technical and non-technical end users who report suspicious activity
- Forensics and Incident Response
  - Conduct initial investigations into security incidents involving a variety of threats
  - Support incident response activities including scoping, communication, reporting, and long-term remediation planning
  - Prepare technical reports for business stakeholders and IT leadership
- Big Data analysis and reporting
  - Utilize SIEM/Big Data to identify abnormal activity and extract meaningful insights
  - Research, develop, and enhance content within SIEM and other tools
- Technologies and Automation
  - Interface with engineering teams to design, test, and implement playbooks, orchestration workflows and automations
  - Research and test new technologies and platforms; develop recommendations and improvement plans
- Day to day
  - Perform host-based analysis, artifact analysis, network packet analysis, and malware analysis in support of security investigations and incident response
  - Coordinate investigation, containment, and other response activities with business stakeholders and groups
  - Develop and maintain effective documentation, including response playbooks, processes, and other supporting operational material
  - Perform quality assurance review of analyst investigations and work product; develop feedback and development reports
  - Provide mentoring of junior staff and serve as point of escalation for higher severity incidents
  - Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement
  - Recommend or develop new detection logic and tune existing sensors / security controls
  - Work with security solutions owners to assess the ability of the existing security solutions array to detect / mitigate the abovementioned TTPs
  - Create custom SIEM queries and dashboards to support the monitoring and detection of advanced TTPs against the Novartis network

Division

Operations

Business Unit

CTS

Location

Mexico

Site

INSURGENTES

Company / Legal Entity

MX06 (FCRS = MX006) Novartis Farmacéutica S.A. de C.V.

Job Type

Full time

Employment Type

Regular

Shift Work

No


Nominal salary: Negotiable

Source: Whatjobs_Ppc

Requirements
