
Security Operations Center Specialist - Incident Response

Esplugues Llobregat, B, ES, 08950

Position Snapshot


Location: Global IT Hub Barcelona
Full time position
 

About IT at Nestlé


We are a multicultural and diverse team of IT professionals driving the biggest IT operations landscape and digital transformation of the FMCG industry. We work with leading technologies and solutions to enable Nestlé to engage with millions of consumers worldwide. We transform how we use data with machine learning and advanced analytics, and introduce automation to drive Industry 4.0 opportunities in areas including supply chain and manufacturing.

We look for people who are curious, courageous, innovative, collaborative and passionate about new technologies. We want to hear from people who have the courage to challenge, who believe the only way of moving forward is by doing, and who look for solutions to improve the lives of our consumers.

Main purpose of the Position


In order to complete our Security and Compliance Department, we are currently looking for a Security Operations Center Specialist - Cyber Security Incident Response.

 

In this position, you will provide situational awareness through the detection, containment, and remediation of IS/IT and cyber threats. You will perform cyber threat intelligence reviews, assess and track potential cyber threats commonly associated with attempted intrusions, network & host-based attacks (external & internal), product vulnerabilities, etc., and coordinate incident response and remediation efforts. The SOC Specialist manages security incidents, ensuring they are properly identified, analyzed, communicated, actioned/defended, investigated and reported. Together with external SOC services, you will also monitor infrastructure, applications and information flows to identify a potential cyber-attack or intrusion (event) and determine if the cyber-attack is a real, malicious threat (incident), and whether it could have a business impact. Furthermore, you will define and create use cases and scenarios to address new threats and improve the security monitoring and alerting capabilities. You act as advisor or ‘resource on demand’ from the Security Product Group within the Product Groups. Working within cross-functional teams, you create and implement operational processes, identify threats and security gaps, and collaborate with the Security Community of Practice to develop measures to protect the company information (theft, loss and leaks). The SOC Specialist provides inputs to other positions/functions to perform lessons learned and continuous improvement.

A day in the life of...

 

  • Identify cyber security threats within the Nestlé landscape and IS/IT Products and platforms
  • Investigate, escalate and coordinate the remediation of information security incidents in line with industry best practices (SANS, NIST, etc.).
  • Review and assess security and infrastructure logs for indicators of compromise (IOCs) or other anomalous behavior within networks, applications or user profiles
  • Validate security configurations and access to security infrastructure tools, including firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), anti-malware/endpoint protection systems, etc.
  • Define, develop and maintain product security processes and guidelines
  • Execute cyber threat assessments, ad-hoc security reviews and/or investigations
  • Contribute to design and implementation of analytic platforms and methods for detecting threats
  • Conduct advanced computer and network forensic investigations relating to various forms of malware, computer intrusion, theft of information, denial of service, data breaches, etc.
  • Conduct forensic analyses of security-related incidents in a manner consistent with guidance from the organization's counsel, human resources or law enforcement, as the case may be
  • Liaise with the Security Product Manager to identify best practices and continuously improve technical standards, processes, procedures and guidelines to enable proper risk mitigation for each business capability
  • Work with the product group teams to maintain and enhance the security levels of the products according to threat-based security strategy for the information and business capabilities in scope
  • Work with each Product Manager to ensure products are subject to appropriate vulnerability, log monitoring & pen testing and where appropriate work with all Product Managers and the Enterprise (Information) Architects to develop mitigation strategies to reduce the overall risk footprint
  • Work with Performance Manager to analyze product group and information security risk exposure and ensure that the risk is in accordance with the acceptable risk level

 

What Will Make You Successful?

 

  • Bachelor's or Master's degree in Computer Science, Information Security or another similar relevant degree (an additional 3 years of experience may be substituted in lieu of a degree).
  • 5+ years of cyber incident response, threat assessment, risk management and security experience.
  • Professional experience working with sensitive or confidential information in a work environment.
  • In-depth understanding of: Threat based IS/IT security, latest security technologies and concepts, threat management, incident and vulnerability handling, technical security testing and maturity assessments, secure software lifecycle development (SecDevOps).
  • Experience with security information event management solutions (e.g. ArcSight, Splunk) and security incident orchestrations and/or automation platforms.
  • Ability to demonstrate a high degree of credibility and influence senior stakeholders.
  • Experience with effective communication at different levels in the organization and in English.
  • Experience having worked in a global environment and with virtual teams.
  • Relevant technical and industry certifications are a plus, e.g. GIAC certifications.


We look for people who are curious, courageous, innovative, collaborative and passionate about new technologies. We want to hear from people who have the courage to challenge, who believe the only way of moving forward is by doing, and who look for solutions to improve the lives of our consumers. If this is you and you want to make an impact globally, join us and there will be no limits to your career.
 

#makeITpossible at Nestlé

 
