Cyber Security Operation Lead Engineer

Location: Shanghai-New Bund

POSTED DATE: 12/10/2023

ROLE PROFILE

The Opportunity

 

Jaguar Land Rover is leading the way with initiatives to improve the customer experience through the use of vehicle data to manage, update and improve the car. We are looking for a cyber security operation expert, with experience of security vulnerability evaluation and repair, to join the team and play a leading role in continuing to manage and develop our connected vehicles in a secure way. This exciting role will support one of our agile teams focussed on rapidly deploying new services to the customer and be a part of a wider vehicle cyber security group ensuring the resilience and compliance of all our customer products.  

 

Key Performance Indicators

  • Development and improvement of Cyber Ops playbooks
  • Timely and sufficient response to security incidents and assessment services, and documentation of findings
  • Development and enhancement of platform security and security practices
  • Identify security exposures
  • Effective communication

 

Key Accountabilities and Responsibilities

Key areas of responsibility: 

  • Analyse and report on security events, notifications or alerts escalated from operational support assets at Tier 1 and Tier 2.
  • Monitor, analyse and investigate anomalous events as detected by various data feeds.
  • Contribute to the development and improvement of Cyber Ops playbooks for use with operational support teams.
  • Communicate recommended mitigating actions as part of the incident response process
  • Perform post incident lessons learned and root cause analysis
  • Report on security events in periodic summative intelligence reports.
  • Lead cyber security incident response engagements covering incident handling and coordination, in-depth technical analysis and investigation through to recovery.
  • Identify patterns and behaviours related to threat actors and propose improvements to detection and protection capabilities.
  • Develop security solutions using a structured development methodology in accordance with corporate and industry standards.
  • Participate in research and evaluation of security solutions.
  • Support and mentor team members, and the wider DevSecOps community in JLR to drive continual improvement in threat response and incident management.
  • Provide on-call support 24x7x365, as required/scheduled.

 

Knowledge, Skills and Experience

Essential:

  • End to end understanding of attack frameworks such as MITRE and the Cyber Kill Chain
  • Ability to conceptualise and articulate security threats of an integrated IT/OT environment.
  • Experience of working within an agile delivery environment and/or DevOps techniques and practices
  • Identification of potential threats through to resolution/mitigation providing clear communication throughout.
  • Document security incidents both for compliance reporting and case study investigation.
  • Flexibility in working occasional unsociable hours to support business critical requirements (e.g. out of hours Incident response, anomalous outages, etc).
  • 3 or more years' experience of working with a SOC
  • Previous experience of AWS, or other major cloud service providers.
  • Ability to provide technical mentorship to security team & DevOps community members.
  • Understand intelligence-led threat hunting
  • Support security content generation in signature detection and identify opportunities for autonomous improvements in partnership with JLR's DevSecOps Security Engineering squads.
  • Endpoint and network-based analysis.
  • Desirable knowledge includes technical security knowledge covering network architecture, container based IT infrastructure, IT/OT integration and its threats and opportunities.

 

Desirable:

  • Previous involvement in all stages of the software delivery lifecycle
  • Some experience of at least one major cloud provider (AWS, Ali, Azure) and ideally Kubernetes experience

 

 

Personal Profile

Essential:

  • An individual with a passion for modern high-quality software engineering and DevSecOps practices
  • An individual with a customer first mind-set who is easy to do business with and makes people feel special, driven to deliver experiences that are personalised, transparent and dependable.
  • An individual who is results driven and demonstrates tenacity, drive and perseverance, with the ability to deliver in a complex, highly demanding environment.
  • An individual who is resilient, energetic and enthusiastic, able to deliver results under pressure, whilst responding constructively to challenging new ideas and inputs
  • An individual who is able to challenge existing thinking in a positive way whilst building credibility and trust through experience and personal style
  • An effective team player who actively supports and collaborates with other team members