Job
Description
We are now looking for a Security Engineer professional. This job role is responsible for tracking, coordination, support, management, and execution of security related activities to ensure that services provided to customers are continuously available and performing to Service Level Agreement (SLA) performance levels. What you will do, Incident Management Respond after hours (on-call support) Coordinate and conduct event collection, log management, event management, and compliance automation Respond to day-to-day security change requests related to security operations Conduct security research and intelligence gathering on emerging threats and exploits Create new rules based on identified scenarios Perform postmortem analysis on logs, traffic flows, and other activities to identify malicious activity Security analysis (networking devices and operating systems, endpoint analysis, network attacks) Work with the various Technical Authority teams to respond to and resolve security incidents effectively and quickly Provide Root Cause Analysis for security incidents, and outages / impairments related to security tools Administer authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets Tools Integration Integration of nodes to security tools (SIEM, VA, IAM, etc.) Deploy content (policies, signatures, parsers or rules) for the security infrastructure Vendor Communications Work with SIEM, IPS/IDS, IAM vendors for application related issues Process Improvement Mentor level 1 analysts to improve detection capability within the SOC Prepare Use Cases & MOPs on identified scenarios Create, maintain and improve technical operational work instructions Drive continuous process improvements by providing inputs on the current processes and possible improvement opportunities Governance and Reporting Business intelligence reporting based on SOC and customer needs Identify and report risks related to security Perform periodic reporting and when applicable, present to management and/or the customer s security team To be successful in this role, you must have: Strong knowledge of information security Working knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.) Knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks, along with available security controls (technical & process controls) for respective layers Key Qualifications: Graduate in Computer Science or similar 5 to 11 years experience with at least 2 years of experience in IT and 2 years in security ITIL certification, CCSP, OSCP, Security +, CCNA Security or similar will be an advantage
