Security Architect - SOC and Incident Response

We are currently seeking a SOC and Incident response consultant to join our Global information Security Team! We are looking for a candidate who is passionate about security, a self-starter and thrives in a collaborative environment. The ideal candidate will have a bachelor’s degree in Computer Science or closely related subject; an advanced degree is preferred. The position requires team building skills and must be able to collaborate effectively with a group of high performing individuals and the business organizations. How You’ll Make An Impact: Expert in MS Sentinel SIEM tool configuration Review security events that are populated in a Security Information and Event Management (SIEM) system to develop accurate remediation actions. Review, respond, and build custom alerts. Create playbooks and logical apps. Build SIEM automation to increase the capacity and ability of the team. Single point of contact for Monitoring team for escalation. Develop and document processes and procedures for responding to security incidents. Expertise on incident forensics and ability to write both detailed technical cyber incident report and executive level summaries. Develop and maintain security incident response plans. Active threat hunting. Provide technical guidance, training, and support to other members of the security team. Maintain an up-to-date knowledge of security threats, vulnerabilities and countermeasures. Also evaluate if BR environment safe against such threats. Provide monthly reports for top level management. In-depth product knowledge of Threat management, Vulnerability management, Red team and Security auditing & Compliance. Support compliance standards like ISO27001 and FedRamp. Strong understanding of network, firewall, IDS/IPS, Proxy servers, Content filtering appliance, AWS and Azure cloud and DLP. Extract and correlate cyber incident logs from various sources and be able to tell a story on root cause, vulnerabilities exploited, identify failed defenses, recommend defenses to thwart similar future cyber incidents. Lead defensive actions against active cyber attacks, be able to take calls from external SOC 24/7 for high and critical alerts and be able to independently address the defensive action and identify other IT functions such as network team, AD team, others to be invited to the cyber incident call for help. What You Bring: Education: Bachelor’s degree in Information Security or related field. Work Experience: Seven (7) years of relevant work experience are required. 3+ years experience in managing MS Sentinel platform (overall 7 years in SIEM tool admin). Expert knowledge of logging and SIEM technologies and EDR solution like Defender. Proficient understanding of network topology and major protocols. Expert knowledge of KQL query language, regex. Familiarity with logging formats. Deep knowledge of logs sources from on-prem and Azure AD, O365, Sharepoint, leading SaaS applications. Knowledge of network devices, firewalls, IDS/IPS, TCP/IP protocols, and general network architecture. Strong verbal and written communication skills. Ability to interpret, understand, and communicate real business risks in relation to technology risk. Location: Bio-Rad is pleased to offer the flexibility of Remote Work for this role anywhere in the U.S.

Salary : $119,000 - $205,000