As one of the world's leading asset managers, Invesco is dedicated to helping investors worldwide achieve their financial objectives. By delivering the combined power of our distinctive investment management capabilities, we provide a wide range of investment strategies and vehicles to our clients around the world.
If you're looking for challenging work, smart colleagues, and a global employer with a social conscience, come explore your potential at Invesco. Make a difference every day!
Duties:
Lead and coordinate incident response efforts for cloud-based environments (AWS, Azure, GCP).
Analyze and investigate security alerts, logs, and events from SIEM, EDR, and cloud-native tools.
Develop and maintain incident response playbooks, runbooks, and escalation procedures.
Collaborate with CloudOps, Cloud Engineering, and Application Teams to contain and remediate threats.
Analyze information security events from multiple sources, including SIEM, IPS/IDS, firewalls, Endpoint security, cloud security, email gateway, Identity protection, etc., identify the cause of incidents, and respond by applying containment and eradication strategies.
Design and implement IT security systems (Endpoint security, Email protection, Identity protection, Cloud security) to protect the corporate network from cyber threats.
Respond to and analyze cyber incidents, monitor IPS/IDS alerts, and coordinate and distribute advisories on cyber security incidents, vulnerabilities, and threats to relevant stakeholders.
Collaborate closely with Threat Intelligence, Incident Response, Business Security, Application Security, Technology, and other teams as needed.
Assess vulnerabilities and attacker tactics, techniques, and procedures (TTP) and provide defensive action to locate and prevent threats.
Review and analyze security data within the SIEM and network traffic, such as full packet captures and/or NetFlow data, to detect traffic anomalies, identify infected systems, and identify threat actor activity based on known tactics, techniques, and procedures.
Configure rules for real-time alerting in the SIEM tool for events, analytic rules, automation rules, hunting queries, and playbooks.
Conduct static and dynamic Malware Analysis.
Configure and deploy security policies, rules, and controls within firewalls.
Configure Palo Alto security firewall policies/rules and build custom objects/categories for network configurations based on various enterprise requirements.
Create and enforce security policies in various Cyber defense tools (Endpoint security/Email gateway, firewalls, AD Groups) to mitigate risks.
Create and update interactive Security event/Incident Reports and Dashboards for executive leadership.
Conduct proactive Threat Hunting exercises to identify and mitigate security threats through the review of system logs, threat intelligence, network activity, and known tactics, techniques, and procedures.
Lead activities to simulate real-world cyber-attacks and assess effectiveness of defensive measures.
Configure IDS/IPS signatures based on vendor-provided signatures, vulnerability databases, CTI feeds, TCP/IP, HTTP, FTP, and SSH protocols following industry standards (NIST, PCI-DSS, HIPAA, etc.), regex, and hex encoding, and create custom IDS/IPS signatures based on open-source signatures (Snort, Suricata).
Work under the Team Leader to maintain security devices and show practical experience in managing SIEM environments, firewalls, content filters, NIDS, proxy servers, HIPS, and packet capture devices.
Perform malware analysis by sandboxing files and URLs, decoding scripts, and locating IOCs (Indicators of Compromise) within the file while knowing and understanding the MITRE Kill Chain and other cybersecurity standards.
Work on the end-to-end malware remediation process, from identifying malware and containing systems while assessing the enterprise risk, to malware reverse engineering, identifying IOCs, updating identified signatures, and hunting IOCs in the enterprise environment.
Work on endpoint security incidents while providing recommended actions for completely removing all traces of malware from the infected system, including rootkits, Trojans, viruses, and malicious software, and restoring the system to a known good state, ensuring the integrity and security of all data and applications.
Serve as the primary escalation contact for all security incidents in the absence of L3.
Make recommendations, build, modify, and update IPS policies, Endpoint AV security controls, Network AV security controls, and Security Information Event Management (SIEM) tool rules.
Mentor and train team members.
Deliver technical training in areas such as log monitoring, security event analysis, phishing email investigations, and incident handling.
Requirements:
Must have a Bachelor's degree in Software or Computer Engineering, Mechanical Engineering, Information Security, or related field.
Must have obtained at least one of the following certifications: CISSP, CompTIA Security+, CHFI, AWS Security Specialty, AWS Solution Architect Associate.
Strong knowledge of cloud platforms (AWS, Azure, GCP) and their security services.
Experience with cloud-native logging and monitoring (e.g., CloudTrail, GuardDuty, Azure Defender).
Must have 5 years of progressive experience in Information/Cyber Security positions performing/utilizing the following:
Information Security Operations.
Cyber Incident Response Process identification, analysis, reporting, remediation/mitigation, verification, post-analysis, and process improvement.
Network analysis tools, scripting languages, software vulnerabilities, exploits and malware analysis, and reverse engineering.
Reading and understanding system data including security event logs, system logs, application logs, and device logs.
Strong network security, threat hunting, and threat intelligence.
Must have at least 4 years of experience with:
Enterprise-grade technologies including Windows and Linux operating systems, databases, endpoint security, web applications, and applicable monitoring tools (including SIEM, DLP, Internet filtering/blocking, IDS/IPS, firewalls, anti-virus, encryption technologies, and vulnerability management).
Creating custom correlation rules to detect known or suspected malware traffic patterns within security tools.
Full Time / Part Time
Full time
Worker Type
Employee
Job Exempt (Yes / No)
Yes
Workplace Model
At Invesco, our workplace model supports our culture and meets the needs of our clients while providing flexibility our employees value. As a full-time employee, compliance with the workplace policy means working with your direct manager to create a schedule where you will work in your designated office at least three days a week, with two days working outside an Invesco office.
Why Invesco
At Invesco, we act with integrity and do meaningful work to create impact for our stakeholders. We believe our culture is stronger when we all feel we belong, and we respect each other's identities, lives, health, and well-being. We come together to create better solutions for our clients, our business and each other by building on different voices and perspectives. We nurture and encourage each other to ensure our meaningful growth, both personally and professionally.
We believe in a diverse, inclusive, and supportive workplace where everyone feels equally valued, and this starts at the top with our senior leaders having diversity and inclusion goals. Our global focus on diversity and inclusion has grown exponentially and we encourage connection and community through our many employee-led Business Resource Groups (BRGs).
What's in it for you
As an organization we support personal needs, diverse backgrounds and provide internal networks, as well as opportunities to get involved in the community and in the world.
Our benefit policy includes but is not limited to:
Competitive Compensation
Flexible, Hybrid Work
30 days' Annual Leave + Public Holidays
Life Insurance
Retirement Planning
Group Personal Accident Insurance
Medical Insurance for Employee and Family
Annual Health Check-up
26 weeks Maternity Leave
Paternal Leave
Adoption Leave
Near site Childcare Facility
Employee Assistance Program
Study Support
Employee Stock Purchase Plan
ESG Commitments and Goals
Business Resource Groups
Career Development Programs
Mentoring Programs
Invesco Cares
Dress for your Day
At Invesco, we offer development opportunities that help you thrive as a lifelong learner in a constantly evolving business environment and ensure your constant growth. Our AI-enabled learning platform delivers curated content based on your role and interest. We ensure our managers and leaders also have many opportunities to advance their skills and competencies that become pivotal in their continuous pursuit of performance excellence.
To know more about us
About Invesco: https://www.invesco.com/corporate/en/home.html
About our Culture: https://www.invesco.com/corporate/en/about-us/our-culture.html
About our D&I policy: https://www.invesco.com/corporate/en/our-commitments/diversity-and-inclusion.html
About our CR program: https://www.invesco.com/corporate/en/our-commitments/corporate-responsibility.html
Apply for the role @ Invesco Careers: https://careers.invesco.com/india/