The Role
We are seeking a dedicated and skilled Cyber Security GRC Specialist to join our team. The ideal candidate will be responsible for monitoring and responding to security threats, ensuring compliance, and maintaining security procedures. This role requires a proactive individual with strong analytical skills and the ability to communicate effectively with various teams. The role is hybrid, but the candidate must be flexible with working hours as it involves 7x7 monitoring.
Key Responsibilities:
7x7days Security Monitoring & Alerting:
* Monitor the insurance client's environment and global threat landscape using ServiceNow, Splunk Phantom, and other tools.
* Translate security alerts into actionable information.
* Ensure the availability of security sensors and escalate issues as needed.
Incident Response:
* Triage and respond to security events, following documented procedures.
* Analyze alerts and escalate as necessary.
* Correlate logs and threat intelligence to identify potential threats.
* Respond to malware, scam, and phishing alerts.
* Perform initial troubleshooting and threat containment.
Daily Operational Security Activities:
* Monitor the ticketing system and security mailbox.
* Respond to phishing/malware, spam reports, and perform site take-downs.
* Assist with general security queries and escalate critical issues.
* Participate in improvement activities and team communications.
Compliance Monitoring:
* Action Data Loss Prevention (DLP) and general compliance alerts.
* Assist with compliance-related queries and actions.
* Procedure Maintenance & Improvement:
* Maintain and enhance standard operating procedures.
Communication & Knowledge Sharing:
* Communicate effectively with security, technology, and business teams.
* Provide knowledge transfer and assist with security queries.
Threat Data Collection:
* Collect and document threat data for escalation.
Meetings & Knowledge Uplift:
* Participate in daily operations and monthly service management meetings.
Qualifications:
* Bachelor's degree in Cybersecurity, Information Technology, or a related field.
* Relevant certifications (e.g., CISSP, CISM, CEH) are a plus.
* Proven experience in a similar role.
* Strong analytical and problem-solving skills.
* Excellent communication and teamwork abilities.
#J-18808-Ljbffr