Lead Analyst, Level 2 Cyber Threat Detection
Publication date: 06 September 2024
Workload: 100%
Contract type: Unlimited employment
Place of work: Johnson
Johnson & Johnson is recruiting for a Lead Analyst, Level 2 Cyber Threat Detection within the Cyber Security Operations Center (CSOC) supporting the Information Security and Risk Management (ISRM) group located in Singapore.
At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at https://www.jnj.com/.
Position Summary
Are you driven by a sense of purpose? We are focused, driven, and dedicated to providing world-class security incident handling services. On the Security Operations Center level 1 (SOC L1) / level 2 (SOC L2) team, we continually monitor endpoints, servers, networks, applications, databases, websites and other IT systems, looking for malicious activity that could indicate a security incident. We analyze security alerts, assess threat impact and coordinate containment, mitigation and eradication strategies by investing in our people.
Responsibilities include but are not limited to:
- In this role, as the SOC L2 Lead Analyst, you will be tasked with handling security incidents raised by our SOC L1 team and ensuring timely handling of each incident.
- Add context to the incident to understand the behavior, analyzing data from multiple tools and data sources
- Participate in incident response management by providing support to the incident response team (CSOC Level 3)
- Act as a point of collaboration in coordinated efforts to analyse, assess and defend against cyber-attacks by partnering with IT/OT contacts, end users and ISRM colleagues
- Participate in OT security incident response process
- Make policy and rule recommendations to improve our detection rules and reduce false-positive alerts through analysis, collaboration and metrics collection.
- Support project teams and colleagues on security issues and related internal control gaps.
- Analyze systems identified as potentially compromised
- Create or update procedural documentation on incident response detection activities