Location: Noida Berger Tower, India

Thales people architect solutions that enable two-thirds of planes to take off and land safely. We create in-flight entertainment systems that engross 50 million fliers every year and we develop the avionics that control the world’s largest commercial aircrafts. Our simulators train the next generation of pilots for fighter jets, transporters and search and rescue helicopters. And, together, each and every member of our aerospace team makes a difference.

Present in India since 1953, Thales is headquartered in Noida, Uttar Pradesh, and has operational offices and sites spread across Bengaluru, Delhi, Gurugram, Hyderabad, Mumbai, Pune among others. Over 1800 employees are working with Thales and its joint ventures in India. Since the beginning, Thales has been playing an essential role in India’s growth story by sharing its technologies and expertise in Defence, Transport, Aerospace and Digital Identity and Security markets.

As Cyber security Operations engineer Level 2 will be responsible for analyzing and remediate (wherever applicable) security-related data from various sources, including network traffic, system logs, and security alerts. You will use this information to identify and investigate potential security incidents, and take appropriate actions to mitigate or resolve them. You may also respond to incidents, escalating them to Level 3 engineers or incident response teams as necessary. You will typically work in team environment working in shifts to support 24X5 operations.

Essential Duties and Responsibilities

• Analyze security-related data from various sources, such as network traffic, system logs, and security alerts, to identify and investigate potential security incidents.
• Should be able to identify critical threat and perform quick remediation.
• Respond to security incidents and create appropriate Runbooks for Level 1, escalating incidents to higher-level engineers or incident response teams as necessary.
• Maintain and troubleshoot security systems and devices, such as firewall, intrusion detection/prevention systems, and security information and event management (SIEM) systems.
• Maintain and update security run book documentation and procedures.
• Participate in incident response exercises and drills to test and improve incident response capabilities.
• Work closely with other members of the security team, as well as with other IT and business teams, to resolve security incidents and improve overall security posture.
• Keep up to date with the latest security threats, vulnerabilities and trends, and share knowledge with the team.
• Work in shifts to support 24X5 operations
• Perform other duties as assigned by the CSOC Manager or CSOC Team Lead.

Include minimum experience qualifications, required proficiencies with specialized knowledge, computer proficiencies, etc.

Experience

• 3-4 years of experience in security operations, incident response, or a related field.
• Familiarity with security concepts and technologies, such as firewalls, intrusion detection/prevention systems, and security information and event management (SIEM) systems.
• Experience with security incident management and incident response processes.
• Experience with network protocols and technologies, such as TCP/IP, DNS, and DHCP.
• Strong analytical and problem-solving skills, and the ability to think critically and make sound decisions in a fast-paced environment.
• Excellent written and verbal communication skills, as well as the ability to work well in a team environment.
• Exposure to industry standards, such as NIST, ISO 27001, SOC 2 and PCI-DSS.
• Strong understanding of cybersecurity threats and vulnerabilities, and experience with security tools and technologies.

Skills

• Technical skills: Familiarity with security concepts and technologies, such as firewalls, intrusion detection/prevention systems, and security information and event management (SIEM) systems. Knowledge of network protocols and technologies, such as TCP/IP, DNS, and DHCP.
• Analytical skills: Strong analytical and problem-solving skills, and the ability to think critically and make sound decisions in a fast-paced environment.
• Communication skills: Excellent written and verbal communication skills, as well as the ability to work well in a team environment.
• Incident Response: Experience with security incident management and incident response processes.
• Cybersecurity Knowledge: Strong understanding of cybersecurity threats and vulnerabilities, and experience with security tools and technologies.
• Industry Standards: Knowledge of industry standards, such as NIST, ISO 27001, SOC 2 and PCI-DSS.
• Time Management: Ability to handle multiple tasks and priorities and manage time effectively in a fast-paced environment.
• Adaptability: Adaptability to work in a dynamic and changing environment.
• Attention to detail: pay attention to detail and able to identify and investigate potential security threats.
• Customer service: Strong customer service orientation, ability to work well with others, and ability to communicate effectively with customers.

Education

• Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent work experience.
• Related qualifications and/or industry certifications such as CISSP/CISM and Cloud certifications are preferred.
• GCIH, GCIA, CRIA and/or BLT1/2 is a plus.
• Certifications: holding certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), and Certified Information Systems Security Professional (CISSP) would be preferred.  

At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now!