- The Security Engineer performs real-time analysis and trending of security log data from various security devices and systems.
- He/She maintains data sources feeding the log monitoring system, develops and maintains detection and alerting rules.
- He/She responds to user incident reports and evaluates the type and severity of security events, executes initial triage of incidents to rule out false positives, and documents incidents and develops reports.
- He/She identifies recurring security issues and risks, develops mitigation plans and recommends process improvements.
- He/She interprets and applies security policies and procedures.
- He/She is required to be on standby with on-call availability with varied shifts including nights, weekends and holidays.
i) Monitor security systems
  - Perform audits, reviews, security control assessments, and tests of security operations based on established schedules
  - Perform real-time analysis and trending of security log data from various security systems
  - Analyse security event data to identify suspicious and malicious activity
  - Provide inputs to improve security monitoring rules and alerts
  - Document processes related to security monitoring

ii) Maintain security operations
  - Implement security protocols
  - Create emergency response procedures
  - Maintain data sources feeding the log monitoring system
  - Schedule security checks in accordance with reporting schedules
  - Prepare periodic status reports for presentation to management

iii) Respond to security incidents
  - Review security incident reports
  - Evaluate the type and severity of security events
  - Assist with establishing procedures for handling detected security events
  - Provide status updates during the life cycle of an incident
  - Create final incident report detailing the events of the incident
  - Support the maintenance and update of business recovery/contingency plans and/or procedures

iv) Provide user support
  - Respond to user requests for technical assistance
  - Assess incident severity
  - Set clear user expectations on issue resolution
  - Update users on changes in status during issue resolution
  - Manage user accounts
- Bachelor's degree in Information Technology or equivalent.
- Experience in infrastructure security (VPN, firewall, WAF, anti-malware, IPS, SIEM, log management system, network ATP, endpoint detection & response, vulnerability & compliance scanners).
- Experience in security patching, software installation, network/security troubleshooting and maintenance.
- Proactive and possess initiative, self-motivated team player capable of working with minimal supervision.
- Experience with TCP/IP networking protocols and basic security concepts and policies.
- Performs regular reviews of firewall rulebases and recommends necessary optimization actions.
- Experience with vendor and service level management.
- Certification in CISSP/GCIH/GSEC/CISA/CISM will be an advantage.
Shortlisted candidates will be offered a 1 Year Agency Contract employment.