- Performs real-time analysis and trending of security log data from various security devices and systems.
- Maintains data sources feeding the log monitoring system, develops and maintains detection and alerting rules.
- Responds to user incident reports and evaluates the type and severity of security events.
- Executes initial triage of incidents to rule out false positives.
- Documents incidents and develops reports.
- Identifies recurring security issues and risks, develops mitigation plans and recommends process improvements.
- Interprets and applies security policies and procedures.
- Required to be on standby, with on-call availability across varied shifts including nights, weekends and holidays.
- Diligent, with an analytical approach to real-time analysis.
- Skilled in synthesising trends and insights, and confident in proposing creative mitigation plans and solutions to security incidents.
Monitor security systems:
- Perform audits, reviews, security control assessments and tests of security operations according to established schedules
- Perform real-time analysis and trending of security log data from various security systems
- Analyse security event data to identify suspicious and malicious activity
- Provide inputs to improve security monitoring rules and alerts
- Document processes related to security monitoring
Maintain security operations:
- Implement security protocols
- Create emergency response procedures
- Maintain data sources feeding the log monitoring system
- Schedule security checks in accordance with reporting schedules
- Prepare periodic status reports for presentation to management
Respond to security incidents:
- Review security incident reports
- Evaluate the type and severity of security events
- Assist with establishing procedures for handling detected security events
- Provide status updates during the life cycle of an incident
- Create final incident report detailing the events of the incident
- Support the maintenance and update of business recovery/contingency plans and/or procedures
Provide user support:
- Respond to user requests for technical assistance
- Assess incident severity
- Set clear user expectations on issue resolution
- Update users on changes in status during issue resolution
- Manage user accounts
Requirements:
- At least 6 to 8 years' experience in cyber security roles
- Strong knowledge and experience in end-user computing, server, network and security
- Strong experience in supporting Windows, Messaging (Exchange), MDM, switches, routers, firewalls, NAC, VPN (F5) and McAfee FFE/FDE (file/folder and full-disk encryption)
- Network Support - in the areas of wireless, wired, VPN
- Patch Management (MS OOB, SEP, ATP)
- Endpoint Protection (Symantec)
- Vulnerability Assessment
- Penetration Testing
- Data Loss Prevention (DLP)
- Strong experience in managing vendors
- Relevant security certification
- ITIL Foundation certified (strong in Incident Management and Problem Management)
Shortlisted candidates will be offered a 1-year agency contract.