Cyber Operations Expert
Hyderabad, India
Sanofi
Explore Sanofi's global impact through our science, healthcare R&D, and partnerships. Committed to advancing global health with innovative solutions.
Role: Cyber Operations Expert
Location: Hyderabad
Our Team:
Our Security Operations & SOC team, reporting directly to the CISO alongside the Security Architecture and Governance, Risk, and Compliance teams, plays a pivotal role in maintaining and enhancing the security posture of our organization. Under the leadership of the Security Operations & SOC Lead, this team ensures our organization's resilience against cybersecurity threats and incidents.
Main responsibilities:
The Cyber Operations Expert, reporting to the Security Operations & SOC Lead, will play a crucial role in our cybersecurity efforts. This position is responsible for conducting protection and monitoring, major incident response, vulnerability management, and asset management. The role focuses on ensuring the security and integrity of our organization's digital infrastructure through proactive and reactive measures. The Senior Cyber Operations FTE will work as a member of a 3 FTE sub-team but will also collaborate closely with other cybersecurity teams to provide actionable intelligence and support proactive defence measures. Specific responsibilities of this role include:
- Protection & monitoring
  - Monitor, test and update protection mechanisms for crown jewels and other assets (e.g., blue/red team testing alert config. & thresholds)
  - Automate responses to basic security events across deployed technologies and drive continuous improvement.
  - Drive insights through operational intelligence (e.g., forensics, simulation)
  - Ensure provisioning & de-provisioning of solutions and manage change control.
- Major incident response
  - Create and maintain IR playbooks (incl. documentation of emergency scenarios, business impact analysis)
  - Coordinate red/blue/purple teams and/or war gaming to test IR response mechanisms at least every 12 months and update response plans based on findings.
  - Manage event monitoring, investigation and discovery support and resolution of cyber security incidents.
- Vulnerability management
  - Scan for vulnerabilities across the organization on an ongoing basis.
  - Drive resolution of vulnerability issues (via centralized VA/VM solution)
- Asset management (IT & OT)
  - Coordinate with other teams the management (incl. appropriate classification, specification and funding of protective controls) of the IT/OT asset inventory, including physical assets (e.g., servers, networks, endpoints), and ensure that data is up to date and patched appropriately.
  - Coordinate the integration and operational use of asset management information with the SOC.
About you
- Experience:
  - 5-7 years of professional experience (equivalent combination of experience and education accepted)
  - Previous work in an international environment.
  - Demonstrated experience in working within cybersecurity teams, particularly specialized cyber technology capabilities, covering protection and monitoring, major incident response, vulnerability management and asset management.
  - Proven track record of contributing to the design and implementation of security solutions tailored to the unique challenges of protection and monitoring, major incident response, vulnerability management and asset management.
  - Comprehensive knowledge of cybersecurity principles, practices, and technologies across digital domains, ensuring protection of critical assets.
  - Expertise in threat intelligence collection, analysis, and dissemination, monitoring feeds and conducting proactive threat hunting.
  - Proficiency in threat modelling and simulation, developing models to mitigate security threats effectively.
  - In-depth understanding of analysing and correlating threat data to anticipate and mitigate potential cyber-attacks.
  - Experience driving continuous improvement in threat detection and response processes, utilising advanced tools and methodologies.
- Soft skills:
  - Broad experience in working in large digital teams, with an understanding of how digital and business processes are linked.
  - Stakeholder management and communication skills, especially when interacting with senior leadership.
  - Skilled problem solver and self-starter.
  - A hands-on pragmatic attitude to driving change.
  - Positive, "can-do" attitude.
- Technical skills:
  - Proficiency in Sentinel.
  - Experience with AGILE or similar project management frameworks.
  - Working knowledge of common information security management frameworks (ISO/IEC 27001, ITIL, NIST, NISD, CISSP/CCSP, QxP, CIS20).
- Education:
  - Bachelor’s and master’s degree (preferred) in any of the following fields of study: Information Technology, Computer Science, Cybersecurity or Information Security
- Languages:
  - English
Better is out there. Better medications, better outcomes, better science. But progress doesn’t happen without people – people from different backgrounds, in different locations, doing different roles, all united by one thing: a desire to make miracles happen. So, let’s be those people.
At Sanofi, we provide equal opportunities to all regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, ability or gender identity.
Watch our ALL IN video and check out our Diversity Equity and Inclusion actions at sanofi.com!
Perks/benefits: Team events