Morgan Stanley is looking to onboard Google Cloud Platform applications securely and enable security monitoring for the platform. This role is crucial for mitigating risks during and after onboarding, investigating cyber security incidents, and improving the overall incident response process within the GCP environment.
Requirements
- Experience with investigating common types of attacks, network packet analysis, log analysis, and reviewing security events.
- Experience applying Open-Source Intelligence (OSINT) techniques in support of investigations.
- Knowledge of Windows processes and Active Directory.
- Scripting (Python, BASH, Perl, or PowerShell), coding, or other development experience.
- In-depth knowledge of security event management, network security monitoring, log collection, and correlation.
- Splunk usage or administration experience.
- Foundational Cloud Security knowledge.
Responsibilities
- Monitor and analyze security alerts and incidents within the GCP environment, taking proactive measures to mitigate risks during and after onboarding.
- Investigate cyber security incidents and threats.
- Improve the detection, escalation, containment, and resolution of incidents.
- Enhance existing incident response methods, tools, and processes.
- Maintain knowledge of technologies and the threat landscape.
- Assist in developing and maintaining security documentation, including incident response procedures and runbooks.
Other
- Holiday and weekend shifts are mandatory. Schedule to be adjusted during the week to accommodate this requirement.
- Interact with stakeholders and leadership teams as part of the response and remediation efforts.
- During non-core business hours support emergency, critical, or large-scale incidents as required.
- Excellent writing and presentation skills are required to communicate findings and recommendations.
- Able to work on extended working hours during incidents.
