Information Security Specialist

Overview:

The Information Security Specialist ensures the seamless functioning of security operations by emphasizing proactive incident management. This role requires a mix of technical expertise, analytical thinking, and a proactive approach to improve operational efficiency.

Key Responsibilities:

· Incident Identification and Escalation:

· Detect and log incidents with detailed and timely documentation.

· Analyze, assign, and escalate high-complexity tickets as needed.

· Problem Resolution:

· Investigate third-line support calls and determine root causes.

· Escalate unresolved issues to third-party vendors when necessary.

· Vulnerability Analysis and Risk Assessment

· Perform vulnerability analysis and asses the vulnerability risk by analyzing existing security controls

· Stakeholder Reporting:

· Prepare and deliver regular updates on security activities and incident reports to senior stakeholders.

· Collaboration:

· Partner with IT and security teams to create a cohesive security strategy.

· Ticket Queue Management:

· Monitor and action ticket queue, rapidly resolve technology incident issues for internal users.

· Security Platform Maintenance:

· Maintain/monitor security platforms and services, resolve issues and support SOC/IR (Incident Response) as needed.

· Provide analysis, review, and reporting of the operating state for security platforms, make recommendations for any environmental changes to reduce incident volumes and downtime.

· Maintain, test, and implement security policies and procedures to ensure compliance with company policy, industry standards, and regulatory requirements.

· Rapidly fulfill any SOC/IR requests in response to security incidents.

· Cross-Functional Collaboration:

· Collaborate with cross-functional teams to integrate security solutions into existing infrastructure and workflows.

· Mentorship:

· Mentor junior team members to enhance their skills.

· Continuous Learning:

· Stay up to date with the latest cybersecurity threats, trends, and technologies, and recommend appropriate security controls and countermeasures.

Experience Requirements:

· 4-6 years of experience with SIEM tools like MS Sentinel, Splunk, QRadar, or LogRhythm.

· Proficiency in, EDR tools, Email Security tools.

· Strong background in SOC analysis, including triage, alert investigation, and incident qualification.

· Demonstrated expertise in incident prioritization and in-depth analysis.

· In-depth knowledge of most of the following security technologies: Network DLP, IDS/IPS, Email Security, SWG/Proxy, CASB, CSPM, SASE, SSE, SIEM and forensic network

· Understanding of operating system technology, including Microsoft Windows, MacOS and various Linux distributions.

· Knowledge of virtualization platforms both centrally managed as well as locally managed as well as the means to provide visibility and control to guest systems.

· An understanding of cloud-based endpoint security solutions and experience with public cloud platforms such as AWS, Azure, or Google Cloud Platform.

· Excellent analytical and problem-solving skills, with the ability to troubleshoot complex network security issues.

· Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.

Skills and Competencies:

· Proficient in SIEM tool, Email Security Tool (ProofPoint, FireEye), Incident Response, and CrowdStrike EDR

· Strong leadership and stakeholder management skills.

· Ability to analyze and optimize SOC operations effectively.

· Proficiency in MS Office.

· CEH/Security+ certification.

Qualifications:

· Bachelor’s degree in computer science, Information Security, Electronics & Communication or related field.

· 8+years of proven experience in operating and managing security solutions in enterprise environments.