Company: Ferguson GCC
Location: Bengaluru, Karnataka, India
LinkedIn post

ANSR is hiring for one of our clients

About Ferguson:

Since 1953, Ferguson has been a source of quality supplies for a variety of industries. Together We Build Better infrastructure, better homes and better businesses. We exist to make our customers’ complex projects simple, successful, and sustainable. We proactively solve problems, adapt and grow to continuously serve our customers, communities and each other. Ferguson is proud to provide best-in-class products, service and capabilities across the following industries: Commercial/Mechanical, Facilities Supply, Fire and Fabrication, HVAC, Industrial, Residential Trade, Residential Building and Remodel, Waterworks and Residential Digital Commerce. Ferguson has approximately 36,000 associates across 1,700 locations. Ferguson is a community of proud associates who operate with the shared purpose of building something meaningful. You will build a career that you are proud of, at a company you can believe in.


Duties and Responsibilities:

  • Conduct in-depth analysis of security incidents escalated from Tier 1 analysts, determining root cause, impact, and remediation steps.
  • Perform periodic quality control checks on Tier 1 cases to ensure critical incidents are not missed.
  • Triage, route, or handle incoming non-security calls during evening shifts, directing them to the appropriate teams.
  • Escalate complex incidents to the Cyber Threat Prevention team for deeper analysis, following runbook procedures.
  • Collaborate with the Cyber Threat Prevention team to enhance processes, drive automation, and implement "shift-left" strategies.
  • Ensure the availability and reliability of all security services and platforms.
  • Identify opportunities for detection rule tuning based on observed detection patterns, and escalate where needed.
  • Work across teams to improve monitoring and detection mechanisms, and communicate progress to business stakeholders.
  • Assist in improving operations runbooks and partner with Automation teams to automate response procedures.
  • Maintain strong relationships with IT, Security, third parties, and business stakeholders to ensure alignment with security goals.
  • Monitor and report on security service consumption, ensuring SLAs are met.
  • Stay informed on emerging technologies and trends, assessing their relevance to Ferguson’s cybersecurity needs.
  • Provide guidance and mentorship to junior analysts, supporting their professional development.
  • Ensure compliance with security policies and collaborate with the Security Governance team to enforce standards.
  • Participate in training to enhance skills and knowledge of new security technologies.
  • Adhere to all policies and procedures and be flexible to perform additional duties as required.
  • Availability to work weekends and holidays based on shift assignments.


Qualifications and Requirements:

  • 3-6 years of professional experience in incident response, focusing on advanced threat detection and analysis, ideally within a Security Operations Center (SOC). Experience should include handling sophisticated incidents, cross-functional collaboration, and contributing to SOC process improvements.
  • Certifications such as Security Blue Team Level 2 (BTL2), CASP+, or CISSP are desirable.
  • Bachelor’s Degree or equivalent experience in Cybersecurity, Computer Science, IT, or a related field is preferred.
  • Good understanding of incident response procedures (identification, containment, eradication, and recovery).
  • In-depth knowledge of cyber threats, vulnerabilities, and attack types.
  • Proficiency with SIEM tools for advanced configuration and analysis.
  • Extensive experience in log analysis across sources such as EDR, firewall, Active Directory, and WAF logs.
  • Familiarity with network protocols for traffic analysis and anomaly detection.
  • Ability to identify complex Indicators of Compromise (IOCs) and malware behaviors.
  • Basic digital forensics skills for collecting and preserving evidence.
  • Hands-on experience with Microsoft Sentinel (formerly Azure Sentinel) and KQL.
  • Familiarity with the MITRE ATT&CK framework and threat intelligence integration.
  • Ability to develop and implement mitigation strategies for security incidents.
  • Basic scripting skills (Python, PowerShell) for automating response procedures.
  • Effective communication skills for documenting incidents and providing detailed reports.
  • Critical thinking and problem-solving ability to analyze complex incidents and create response strategies.
  • Attention to detail to identify advanced threats and recurring patterns.
  • Ability to adapt to emerging threats and new technologies.
  • Experience working in team environments, collaborating across functions.
  • Skilled in coordinating incident response functions and guiding SOC teams.
  • Ability to develop and deliver effective presentations.
  • Proficiency with Microsoft Office (Outlook, Word, Excel, PowerPoint).
  • Strong organizational skills to handle multiple priorities and meet deadlines.