At TomTom… You’ll move the world forward. Every day, we create the most innovative mapping and location technologies to shape tomorrow’s mobility for the better.
We are proud to be one team of more than 5,000 unique, curious, passionate problem-solvers spread across the world. We bring out the best in each other. And together, we help the automotive industry, businesses, developers, drivers, citizens and cities move towards a safe, autonomous world that is free of congestion and emissions.
What You'll Do
Monitor, triage, investigate and respond to suspicious activity across all company assets.
Perform log analysis and analyse datasets to support alert and response activities.
Perform host forensics and basic malware analysis when necessary.
Provide data driven insights to improve cybersecurity operations.
Create & maintain detection use cases & implement improvements.
Perform root cause analysis for security incidents and assist with remediation, strategy development and implementation.
Actively hunt for threats in our systems, applications and network and describe possible solutions.
Own and manage new security related projects in Security operations.
Liaise with different functions and teams and ensure a secure architecture.
Implement security architecture improvements by assessing the current situation and evaluating attack trends.
Communicate and collaborate with both technical and non-technical professionals.
Use a combination of manual and automated tools to proactively analyse various data.
Help stakeholders to determine the best course of action to remedy the problems.
Work effectively with team members and leadership by communicating cybersecurity trends and sharing ideas and knowledge in a constructive and positive manner;
As an SME for Security Incident response, guide and mentor other team members, and provide internal training/knowledge sharing where required.
Actively participate in our goal to continuously improve the way we work; identify improvement areas on our technology, process and techniques to enhance our detection and response capabilities.
Actively look for security updates, vulnerabilities and attack trends; Recommend best practices and fixes.
Ensure the ongoing core objectives of the CSIRT are accomplished and measurable.
Be a part of our Security on-call rota
Minimum 5+ years working in security practices (CSIRT/SOC experience preferred);
Expert level understanding of the incident response lifecycle at both technical and procedural level;
Extensive demonstrable experience performing incident response across different operating systems;
Ability to quickly solve problems using scripting and automation;
Strong understanding of IT fundamentals across networking, system, and application layers;
Strong understanding of Cloud infrastructure & experience of incident response in cloud environments.
Proven ability to prioritize incoming escalations and requests appropriately using clear communications;
Excellent interpersonal and communication skills in order to share knowledge with peers and to communicate effectively with different stakeholders;
Strong low-level understanding of different flavors of Operating systems like Windows, Linux and Mac and securing them.
Expert knowledge of Endpoint Detection and Response (EDR) tools for incident analysis;
Expert knowledge of Security Incident & Event Monitoring (SIEM) tools for incident analysis;
Strong ability to perform host and network forensics.
Deep understanding of multiple attacker tactics, techniques and procedures; very good understanding of the MITRE ATT&CK framework.
8+ years working in an enterprise level organization with responsibilities related to computer security or system administration
Experience identifying and delivering automation & orchestration of security playbooks (SOAR)
Strong written and verbal communication skills.
Strong technical analytical and problem-solving skills.
SANS certifications (GCIH, GCFA, GNFA, GCIA, etc.)
Experience working with distributed teams, willingness and experience in being a team player and dealing with people from various backgrounds and locations across the company, also possess the ability to work independently.
Meet your team
We’re the Information Security Unit. Within one of our five areas of focus, you’ll be responsible for supporting and developing capabilities that help ensure TomTom’s products, services, employees, and customers are secure. These areas and capabilities include Governance, Risk and Compliance who establish processes, guidelines, standards to minimize risk; Security Operations for monitoring and incident management; Business Information Security to support data privacy and help drive adherence to policies; DevSecOps to support secure product development and establish best practices; and Security Awareness to increase and maintain knowledge of security throughout the organization.
Achieve more
We are self-starters who play well with others. Every day, we solve new problems with creativity, meet new people and learn rapidly at our offices around the world. We will invest in your growth and are committed to supporting you. In everything we do, we’re guided by six values: we care, putting our heart into what we do; we build trust (you can count on us); we create – driven to make a difference; we are confident, but don’t boast; we keep it simple, since life is complex enough; and we have fun because life’s too short to be boring.
After you apply
Our recruitment team will work hard to give you a meaningful experience throughout the process, no matter the outcome. Your application will be screened closely and you can rest assured that all follow-up actions will be thorough, from assessments and interviews through your onboarding.
TomTom is an equal opportunity employer
We celebrate diversity, thrive on each other’s differences and are committed to creating an inclusive environment at our offices around the world. Naturally, we do not discriminate against any employee or job applicant because of race, religion, colour, sexual orientation, gender, gender identity or expression, marital status, disability, national origin, genetics, or age.
Ready to move the world forward?