Responsibilities

  • Performs real-time analysis and trending of security log data from various security devices and systems.
  • Maintains data sources feeding the log monitoring system, develops and maintains detection and alerting rules.
  • Responds to user incident reports and evaluates the type and severity of security events.
  • Executes initial triage of incidents to rule out false positives.
  • Documents incidents and develops reports.
  • Identifies recurring security issues and risks and develops mitigation plans and recommends process improvements.
  • Interprets and applies security policies and procedures.
  • Required to be on standby with on-call availability with varied shifts including nights, weekends and holidays.
  • Diligent and takes an analytical approach to perform real-time analyses.
  • Skilled in synthesising trends and insights, and is confident in putting forth creative mitigation plans and solutions to security incidents.

Monitor security systems:

  • Perform audits, reviews, security control assessments, and tests of security operations based on established schedules
  • Perform real time analysis and trending of security log data from various security systems
  • Analyse security event data to identify suspicious and malicious activity
  • Provide inputs to improve security monitoring rules and alerts
  • Document processes related to security monitoring

Maintain security operations:

  • Implement security protocols
  • Create emergency response procedures
  • Maintain data sources feeding the log monitoring system
  • Schedule security checks in accordance with reporting schedules
  • Prepare periodic status reports for presentation to management

Respond to security incidents:

  • Review security incident reports
  • Evaluate the type and severity of security events
  • Assist with establishing procedures for handling detected security events
  • Provide status updates during the life cycle of an incident
  • Create final incident report detailing the events of the incident
  • Support the maintenance and update of business recovery/contingency plans and/or procedures

Provide user support:

  • Respond to user requests for technical assistance
  • Assess incident severity
  • Set clear user expectations on issue resolution
  • Update users on changes in status during issue resolution
  • Manage user accounts

Requirements

  • At least 6-8 years’ of experience in the Cyber Security capacities
  • Strong knowledge and experience in End User Computing, Server, Network and Security
  • Strong experience in supporting Windows, Messaging (Exchange), MDM, Switch, Router, Firewall, NAC, VPN (F5), McAfee FFE/FDE.
  • Network Support - in the areas of wireless, wired, VPN
  • Patch Management (MS OOB, SEP, ATP)
  • Endpoint Protection (Symantec)
  • Vulnerability Assessment
  • Penetration Testing
  • Data Loss Protection
  • Strong experience in managing vendors
  • Security certification
  • ITIL Foundation certified (strong in Incident Management and Problem Management)

Shortlisted candidates will be offered a 1 Year Agency Contract employment.