i) Monitor security systems
* Perform audits, reviews, security control assessments, and tests of security operations based on established schedules
* Perform real time analysis and trending of security log data from various security systems
* Analyse security event data to identify suspicious and malicious activity
* Provide inputs to improve security monitoring rules and alerts
* Document processes related to security monitoring

ii) Maintain security operations
* Implement security protocols
* Create emergency response procedures
* Maintain data sources feeding the log monitoring system
* Schedule security checks in accordance with reporting schedules
* Prepare periodic status reports for presentation to management

iii) Respond to security incidents
* Review security incident reports
* Evaluate the type and severity of security events
* Assist with establishing procedures for handling detected security events
* Provide status updates during the life cycle of an incident
* Create final incident report detailing the events of the incident
* Support the maintenance and update of business recovery/contingency plans and/or procedures

iv) Provide user support
* Respond to user requests for technical assistance
* Assess incident severity
* Set clear user expectations on issue resolution
* Update users on changes in status during issue resolution
* Manage user accounts

- Bachelor's degree in Information Technology or equivalent.
- Experience in infrastructure security (VPN, firewall, WAF, anti-malware, IPS, SIEM, log management system, network ATP, endpoint detection & response, vulnerability & compliance scanners).
- Experience in security patching, software installation, network/security troubleshooting and maintenance.
- Proactive, with initiative; a self-motivated team player capable of working with minimal supervision.
- Experience with TCP/IP networking protocols and basic security concepts and policies.
- Perform regular reviews of firewall rulebases and recommend necessary optimization actions.
- Experience with vendor and service level management.
- Able to articulate and leverage technology to meet the organisation’s goals, with a holistic view of technology and business.
- Certification in CISSP/GCIH/GSEC/CISA/CISM will be an advantage.