Monitor, triage, investigate, and respond to suspicious activity across all company assets.
Perform log analysis and analyse datasets to support alert and response activities.
Provide data driven insights to improve cybersecurity operations.
Create & maintain detection use cases & implement improvements.
Interface with other teams as required.
Perform root cause analysis of security issues.
Use a combination of manual and automated tools to proactively analyse various data.
Help stakeholders to determine the best course of action to remedy the problem.
Work effectively with team members and leadership by communicating cybersecurity trends and sharing ideas and knowledge in a constructive and positive manner.
Actively participate in our goal to continuously improve the way we work; identify improvement areas on our technology, process and techniques to enhance our detection and response capabilities.
Ensure the ongoing core objectives of the CSIRT are accomplished and measurable.
Be a part of our Security on-call rota.
What you’ll need
Minimum 3+ years working in security practices (CSIRT/SOC experience preferred);
Demonstrable experience of the incident response lifecycle at both technical and procedural level;
Demonstrable experience performing incident response across different operating systems;
Ability to quickly solve problems using scripting and automation;
Strong understanding of IT fundamentals across networking, system, and application layers;
Strong understanding of Cloud infrastructure & experience of incident response in cloud environments.
Proven ability to prioritize incoming escalations and requests appropriately using clear communications;
Excellent interpersonal and communication skills in order to share knowledge with peers and to communicate effectively with different stakeholders;
Strong knowledge of Endpoint Detection and Response (EDR) tools for incident analysis;
Expert knowledge of Security Incident & Event Monitoring (SIEM) tools for incident analysis;
Willingness to be part of an on-call rota for out of hours escalations
What’s nice to have
5+ years working in an enterprise level organization with responsibilities related to computer security or system administration
Experience in the automation & orchestration of security playbooks (SOAR)
Strong written and verbal communication skills
SANS certifications (GCIH, GFNA, GCIA, GSEC, etc.)
Experience working with distributed teams
Meet your team
We’re the Information Security Unit. Within one of our five areas of focus, you’ll be responsible for supporting and developing capabilities that help ensure TomTom’s products, services, employees, and customers are secure. These areas and capabilities include Governance, Risk and Compliance who establish processes, guidelines, standards to minimize risk; Security Operations for monitoring and incident management; Business Information Security to support data privacy and help drive adherence to policies; DevSecOps to support secure product development and establish best practices; and Security Awareness to increase and maintain knowledge of security throughout the organization.
We are self-starters who play well with others. Every day, we solve new problems with creativity, meet new people and learn rapidly at our offices around the world. We will invest in your growth and are committed to supporting you. In everything we do, we’re guided by six values: we care, putting our heart into what we do; we build trust (you can count on us); we create – driven to make a difference; we are confident, but don’t boast; we keep it simple, since life is complex enough; and we have fun because life’s too short to be boring.
After you apply
Our recruitment team will work hard to give you a meaningful experience throughout the process, no matter the outcome. Your application will be screened closely and you can rest assured that all follow-up actions will be thorough, from assessments and interviews through your onboarding.
TomTom is an equal opportunity employer
We celebrate diversity, thrive on each other’s differences and are committed to creating an inclusive environment at our offices around the world. Naturally, we do not discriminate against any employee or job applicant because of race, religion, colour, sexual orientation, gender, gender identity or expression, marital status, disability, national origin, genetics, or age.
Ready to move the world forward?