Applied Materials, Inc. is the leader in materials engineering solutions used to produce virtually every new chip and advanced display in the world.

Information Security threat landscape continues to remain increasingly complex and require constant vigilance to secure a large, global enterprises. Applied has an exciting opportunity to join a world-class information security team, working with a global team and external agencies to protect Applied Materials.

This position will be based in Bangalore, India and will be responsible for administration, maintenance, and integration of multiple security platforms for security operations technical analysis, assessment and recommendations in the areas of real-time security situational awareness, operational network & Identity management system and applications systems security monitoring

Key Responsibilities:

• Lead security incident response in a cross-functional collaboration environment driving towards incident resolution
• Develop IR initiatives that improve our capabilities to respond and remediate security events faster
• Perform forensic analysis of digital information
• Validating the ingest of log sources and maintaining the flow of required logs to the SIEM
• Contributing to the configuration and maintenance of security operations controls such as antivirus, application whitelisting, Host Intrusion Detection Systems (HIDS), Network Intrusion Detection Systems (NIDS), and Security Information and Event Management (SIEM) and Security Orchestration and Automation Platforms
• Perform analysis of logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify and investigate potential threats
• Build automation for identification, response, and remediation of malicious activity
• Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
• Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
• Work with Computer Security Incident Response Team (CSIRT) to manage & contain information security incidents and events to protect company IT assets, Intellectual Property, and company's reputation
• Respond to advisory service requests to address and drive thru for closure as needed.
• Perform technical research into advanced, targeted attacks, crimeware campaigns, malware and other emerging technologies and techniques to identify and report on cyber-attacks and attackers
• Perform proactive research to identify, categorize and produce reports on new and existing threats
• Supply actionable recommendations to other teams within Applied Materials, to bolster cyber security efforts
• Display strong technical aptitude with: IT Security, Enterprise Firewalls, Intrusion Detection and Prevention, Antivirus, Web and Email Security, Server and application monitoring, Windows and Linux based Web Services

Skills Requirement:

• Bachelor's degree or equivalent experience in Security
• Knowledge of networking technologies, specifically TCP/IP and the related protocols
• Knowledge of operating systems, file systems, and memory on Windows, MacOS, or Linux
• Experience with an interpreted programming language (PHP, Python, Perl, Ruby, etc.)
• Experience with attacker tactics, techniques and procedures
• 8+ years of experience in cyber security
• Strong problem-solving and analytical skills, initiative, eagerness to learn, improve, and ability to work independently within a team structure
• Background in malware analysis, intrusion detection, and/or threat intelligence
• Experience “threat hunting”, i.e. using threat intel to proactively and iteratively investigates these potential risks and finding suspicious behavior in the network
• Experience in host and memory forensics (including live response) for Windows, OSX, and/or Linux
• Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as: Logs and events processing, Incident Management, Detection and/or response tool development
• Previous experience in a Security Operations Center (SOC) & MITRE Framework
• Experience analyzing network and host-based security events

Preferred certifications CEH, Security+ CISSP,  GCIH