Description

What makes this a great opportunity?

Suntory Global Spirits is a world leader in premium spirits with $5.5 billion in annual revenues and an ambition to become the World's Most Admired Premium Spirits Company. We have a strong vision and strategy, an incredible brand portfolio grounded in quality and craftsmanship, an unwavering commitment to sustainability and top talent across the organization. We are focused on driving value across key priorities including American whiskey, Japanese Spirits, Scotch, Tequila and Ready-to-Drink. Headquartered in New York City, Suntory Global Spirits is a subsidiary of Suntory Holdings, which is world renowned for delivering quality and excellence across a range of products and categories.

The Senior Engineer Security Operations is a supportive member of the Global Information Security team who monitorsSIEM platform, is in charge of incident management processes, and is responsible for ensuring tools, software, and hardware are secured and protected from cyber-attacks and are operating efficiently.

Role Responsibilities

• Effectively monitor and respond to all security events on a 24/7 basis in a global environment

• Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress and documenting lessons learned
• Serves as an escalation point in the incident handling process
• Provide containment support when a security incident is detected to minimize the risk of lateral movement while engaging internal/external stakeholders
• Support onboarding and maintenance of a wide variety of data sources to include various OS, appliance, and application logs
• Create queries, dashboards, and visualizations to support Organization's requirements and monitoring of the SIEM deployment
• Support troubleshooting and remediation of issues as they arise with data ingestion and SOC infrastructure
• Configure and manage Log Collectors as per vendor recommendation and best practices
• Self-guided research to track threat actors of importance for security products and services using threat intelligence and threat intel protection technologies and take proactive actions
• Deliver Day-to-day SOC services as per the defined processes and SLAs
• Develop and maintain automation workflows to improve containment SLAs and end user experience
• Serves as
• Evaluate and update SOC policies and procedures as appropriate
• Deliver required metrics and reporting for senior leadership and program management
• Develop relationships with engineering, infrastructure, software engineering, legal and other team members to socialize and align on the emerging program initiatives
• Working experience with security vendors and service providers, evaluating new security solutions and conducting POCs

Qualifications

Desired Skills and Experience

• Preferably seven or more years' experience in security operations and incident management, including DFIR

• Experience working in a 24x7 operational environment, with geographic disparity preferred.
• Experience with SIEM, EDR, XDR, SOAR, Threat Intel, Threat Intel Protection, Red Teaming and related Security technologies

• Familiarity with different Network. Web Application Firewall and identity and access management threat protection technologies
• Solid knowledge of regular expressions and automation workflows
• Understanding of data onboarding and ensuring appropriate time stamping and data parsing
• Experience working with information security disciplines (e.g., incident response, security infrastructure management, or monitoring services)
• Knowledge of cyber-attack stages, including reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation and covering tracks (Mitre, etc)

Additional Qualifications:

• Highly effective communicator with ability to influence business units.
• Analytical and problem-solving mindset.
• Leverages strategic and tactical thinking.
• Works calmly under pressure and with tight deadlines.
• Is highly trustworthy; leads by example.
• Security certifications preferred