- Performs real-time analysis and trending of security log data from various security devices and systems.
- Maintains data sources feeding the log monitoring system, and develops and maintains detection and alerting rules.
- Responds to user incident reports and evaluates the type and severity of security events.
- Executes initial triage of incidents to rule out false positives. Documents incidents and develops reports.
- Identifies recurring security issues and risks, develops mitigation plans, and recommends process improvements.
- Interprets and applies security policies and procedures.
- Required to be on standby with on-call availability with varied shifts including nights, weekends and holidays.
- Monitor security systems
  - Perform audits, reviews, security control assessments, and tests of security operations based on established schedules
  - Perform real time analysis and trending of security log data from various security systems
  - Analyse security event data to identify suspicious and malicious activity
  - Provide inputs to improve security monitoring rules and alerts
  - Document processes related to security monitoring
- Maintain security operations
  - Implement security protocols
  - Create emergency response procedures
  - Maintain data sources feeding the log monitoring system
  - Schedule security checks in accordance with reporting schedules
  - Prepare periodic status reports for presentation to management
- Respond to security incidents
  - Review security incident reports
  - Evaluate the type and severity of security events
  - Assist with establishing procedures for handling detected security events
  - Provide status updates during the life cycle of an incident
  - Create final incident report detailing the events of the incident
  - Support the maintenance and update of business recovery/contingency plans and/or procedures
- Provide user support
  - Respond to user requests for technical assistance
  - Assess incident severity
  - Set clear user expectations on issue resolution
  - Update users on changes in status during issue resolution
  - Manage user accounts
- Diploma/Degree in Computer Science, Engineering or equivalent.
- Minimum 3 years' experience in IT Security
- Experience in managing security operations
- Experience in building and maintaining security systems
- Hands-on experience with security technologies such as firewall, IPS, WAF and endpoint
- Experience with network security and networking technologies and with system, security, and network monitoring tools.
- Good team player with strong communication skills for working with project teams, stakeholders, senior management, and contractors, including both technical and non-technical personnel.