5 Fortisoar Jobs

Summary The Director DDIT ISC CSOC Automation Engineering will be an integral part of the Novartis Cyber Security Operations Center (CSOC). The CSOC is an advanced global team passionate about actively defending against the most sophisticated cyber threats and attacks. The Director DDIT ISC CSOC Automation Engineering is a seasoned leader who will lead a team of skilled SOAR engineers and manage tools to support the proactive detection, investigation, and mitigation of emerging and persistent threats that impact Novartis networks, systems, users, and applications. This role will involve coordination and communication with technical and non-technical teams, including security leadership and business stakeholders. As an experienced and skilled manager, this role will also involve coaching and mentoring talented Security Engineers with diverse backgrounds. About The Role MAJOR ACCOUNTABILITIES In Addition To Accountabilities Listed Above In Job Purpose SOAR Manager Lead and manage a geographically distributed team of skilled SOAR Engineers, providing guidance and support while leveraging their diverse skill sets and personalities. Evaluate and review performance metrics and KPIs to ensure the SOAR team is meeting targets and delivering efficient and effective results. Take accountability for the team&aposs performance in various areas, including, but not limited to: Manage SOAR platforms Support audit requests and reports Engage with product teams to address technical challenges Manage stakeholders' commitments Act as the primary point of contact for first-level escalations, addressing any issues or concerns that arise and ensuring timely resolution. Develop and maintain comprehensive documentation to facilitate knowledge sharing and ensure consistently achieving quality outcomes. Drive a culture of continuous improvement and innovation within the team, identifying opportunities to optimize processes and enhance efficiency. Serve as a subject matter expert in SOAR processes and play an active role in guiding the team and providing expertise whenever needed. Workflow Orchestration and Process Automation Define, design, evaluate, and improve business processes and playbooks integrating automation and orchestration. Integrate a variety of technology devices, applications, and datasets to support workflow orchestration and process automations. Gather requirements, plan, design, implement, and test automations with SOAR platform and surrounding technologies. Develop custom integrations to support CSOC workflow automation and orchestration. Develop and maintain effective documentation; including automation playbooks, processes, and other supporting operational material. Case Management and Analytics Interface with engineering teams to design, test, and implement case management with workflow orchestration and automation. Define, design, evaluate, and enhance case management features including front end interface, backend data model, and technology integrations to support measurable, effective, and streamlined CSOC activities. Scripting and Development Design, develop, and test scripts and other solutions to support CSOC mission and activities. Research and test new technologies and platforms; develop recommendations and improvement plans. Cooperating with stakeholders Management Periodically report to management the current status of sources and use cases in the system. Operational stakeholders (CSOC analysts, Cyber Center) Maintain a good understanding of stakeholders needs in regard to activities and requirements. Essential Requirements University working and thinking level, degree in business/technical/scientific area or comparable education/experience. Desirable Requirements: Professional information security certification, such as CISSP, CISM or ISO 27001 auditor / practitioner is preferred. Professional (information system) risk or audit certification such as CIA, CISA or CRISC is preferred. Preferably one or more XSOAR, Phantom trainings/certifications. Experience 6+ Years work experience. 4+ Years Python scripting or other similar coding experience. Experience with Python and Splunk. Experience planning, designing, developing, and testing automation solutions with SOAR platforms (Cortex, Phantom, FortiSOAR, etc). Experience developing solutions with SIEM tools (Splunk, QRadar, Sentinel, etc.). Experienced IT administration with broad and in-depth technical, analytical and conceptual skills. Experience in reporting to and communicating with senior level management (with and without IT background, with and without in depth risk management background) on incident response topics. Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related and incident response concepts to technical as well as nontechnical audiences. Excellent understanding and knowledge of general IT infrastructure technology and systems. Proven experience to initiate and manage projects that will affect CSOC services and technologies. Skills/Job Related Knowledge Understanding of SOAR architecture components, including technology integrations, common automation scenarios and solutions. Understanding of configuration files and relationship between GUI configuration and backend configuration file impact. Experience with software development lifecycle and user acceptance testing. An understanding of error messages and logs displayed by various software. Ability to troubleshoot, diagnose and solve issues independently. Self-learner, ability to document learning as experience is gained. Understanding of network protocols and topologies. Strong technical troubleshooting and analytical skills. Experience with platform and application automated deployment and version control software e.g. (Ansible, Git, Bitbucket). A knowledge of the MITRE ATT&CK framework is a beneficial. Ability to prioritise workload. Excellent written and spoken English. Calm and logical approach. NETWORKS High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity. Ability to handle competing priorities, and seeking consensus when stakeholders have different or even contradicting opinions. CORE COMPETENCIES Leadership Establishes clear direction and sets stretch objectives. Aligns and energizes Associates behind common objectives. Champions the Novartis Values and Behaviors. Rewards/encourages the right behaviors and corrects others. Establishes clear directives and objectives. Communicates positive expectations for others on the team. Integrates and applies learning to achieve business goals. Customer/Quality Focus Assigns highest priority to customer satisfaction. Listens to customer and creates solutions for unmet customer needs. Established effective relationships with customers and gains their trust and respect. Defines quality standards to ensure customer satisfaction. Creates and supports world-class quality standards to ensure customer satisfaction. Fast, Action-Oriented Is action-oriented and full of energy to face challenging situations. Is decisive, seizes opportunities and ensures fast implementation. Strives for simplicity and clarity. Avoids &aposbureaucracy&apos. Alerts others to potential risks and opportunities. Keeps organizational processes simple and efficient. Takes acceptable/calculated risks by adopting new or unknown directions. Results Driven Can be relied upon to succeed targets successfully. Does better than the competition. Pushes self and others for results. Anticipates potential barriers to achievement of shared goals. Pushes self and others to see new ways of achieving results (e.g., better business model). Uses feasibility and ROI analyses to ensure results. Keeps pace with new developments in the industry. Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients lives. Ready to create a brighter future together https://www.novartis.com/about/strategy/people-and-culture Join our Novartis Network: Not the right Novartis role for you Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network Benefits and Rewards: Read our handbook to learn about all the ways well help you thrive personally and professionally: https://www.novartis.com/careers/benefits-rewards Show more Show less

Key Skills: SIEM, SOAR, Azure Sentinel, FortiSOAR, Python, PowerShell, Cyber Security, Automation, Security Frameworks, Compliance, Incident Response, Playbook Creation, Log Onboarding, Cyber Kill Chain. Roles & Responsibilities: Manage and oversee SIEM and SOAR solutions, including log onboarding and creation of automated playbooks. Provide hands-on technical expertise across Cyber Security and technology domains. Collaborate with internal teams to integrate and optimize security monitoring tools and automate workflows. Maintain and ensure the performance of SIEM and SOAR platforms, enhancing detection and response capabilities. Design and implement automation solutions using scripting languages (e.g., Python, PowerShell). Support and ensure compliance with security frameworks and industry regulations. Analyze and remediate security incidents, leveraging expertise in the Cyber Kill Chain and common attack methods. Work closely with cross-functional teams to define security requirements, processes, and practices. Communicate complex security concepts to non-technical stakeholders. Monitor and report on security events and incidents to ensure continuous improvement of security posture. Experience Required: 8-11 years of experience in IT Security, with at least 6 years managing SIEM and SOAR solutions. Strong hands-on experience with SIEM (e.g., Azure Sentinel) and SOAR platforms (e.g., FortiSOAR). Experience in log onboarding for SIEM solutions and creating automated playbooks on SOAR platforms. Solid understanding of security frameworks, compliance regulations, and industry standards. Technical experience in Cyber Security and technology domains, including threat analysis and remediation. Proven ability to work under pressure and manage time effectively. Familiarity with e-commerce, logistics, supply chain, and port operations applications is a plus. Education: A ny Graduation.

Responsibilities: SOC Monitoring: Provide core Security Operations Center (SOC) monitoring services for client environments, ensuring continuous vigilance against security threats. Tool Proficiency: Utilize and operate various SOC tools, including FortiSOAR, IBM QRadar, MS Defender, and Cisco Umbrella , for effective threat detection and response. L1 Support: Provide initial (L1) support for security incidents within client environments, triaging alerts and performing preliminary investigations. Incident Response Assistance: Assist in the initial phases of incident response, following established protocols to contain and escalate security incidents. Alert Analysis: Analyze security alerts and logs from various sources, distinguishing between false positives and genuine threats. Documentation: Maintain accurate records of security incidents, investigations, and resolutions. Communication: Effectively communicate security findings, incidents, and recommendations through good verbal and written communication skills. Shift Work: Be open and flexible to work in shifts as per operational requirements. Required Skills: Proficiency in FortiSOAR, IBM QRadar, MS Defender, and Cisco Umbrella . Core SOC Monitoring experience. Good verbal and written communication skills. Openness to work in shifts and flexibility in work approach.

Skill:- Cybersecurity,Azure Sentinel SIEM,MS Defender for Endpoints (EDR/ATP),AWS IAM,SOAR Concept,Fortinet FortiSOAR,Palo Alto Networks - Firewalls,Cortex XSOAR,Python. We are seeking a Cybersecurity Analyst with 1-6years of experience in fundamental cybersecurity concepts, including SIEM, EDR, IAM, and SOAR platforms. The ideal candidate should have a basic understanding of security automation and orchestration using platforms like FortiSOAR, Palo Alto XSOAR, and ThreatConnect (preferred). Experience with SOAR play book creation , integration etc. Additionally, knowledge of Python scripting for automation and security tasks will be an added advantage. Those who have relevant experience and Skills, as mentioned above please revert back soon. It's a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us.

Hi , As per response to your profile which is uploaded in Job portals. We have an excellent job openings for XSOAR -Bangalore Location in IT MNC If your already received email or not looking for job change/ irrelevant - please ignore it. Note: Apply for only Relevant & interested candidates. Job Description: Skill:- Cybersecurity,Azure Sentinel SIEM,MS Defender for Endpoints (EDR/ATP),AWS IAM,SOAR Concept,Fortinet FortiSOAR,Palo Alto Networks - Firewalls,Cortex XSOAR,Python. We are seeking a Cybersecurity Analyst with 1-6years of experience in fundamental cybersecurity concepts, including SIEM, EDR, IAM, and SOAR platforms. The ideal candidate should have a basic understanding of security automation and orchestration using platforms like FortiSOAR, Palo Alto XSOAR, and ThreatConnect (preferred). Experience with SOAR play book creation , integration etc. Additionally, knowledge of Python scripting for automation and security tasks will be an added advantage. Those who have relevant experience and Skills, as mentioned above please revert back soon. It"s a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us. Total Exp: Relevant Exp:- Current Company: Current CTC: Expected CTC: Current Location: Preferred location: Bangalore Notice Period: DOB: Degree: Many Thanks Regards Sreenivas Sreenivasa.k@happiestminds.com