Act as incident first responder for a 24/7 staffed SOC, reviewing and verifying system alerts
Assist with the development of incident response plans, workflows, and SOPs
Maintain security sensors and tools
Monitor security sensors and review logs to identify intrusions
Escalate security incidents using established policies and procedures
Perform initial analysis of security events, network traffic, and logs to engineer new detection methods, or create efficiencies when available
Work directly with threat intelligence analysts to convert intelligence into useful detection
Identify incident root cause and take proactive mitigation steps
Perform lessons learned activities
Provide analysis of security log data from a large number of heterogeneous security devices
Review vulnerabilities and track resolution
Review and process threat intel reports
Implement detection use cases
Liaise with Ensign customers on security intrusions and provide swift and accurate remedial action
Requirements
Diploma/Degree in Information System/Information Security from a recognized institution
3-5 years' working experience in a Security Operations Centre
Good knowledge of network routing and switching fundamentals, including knowledge of Multiprotocol Label Switching (MPLS)
Good technical understanding of operating systems, network architecture and design
Good knowledge of encryption, key management and cryptology
Proven ability to plan and prioritize work, both their own and that of the project team.
Sound understanding of organizational issues and challenges. Able to work effectively with participants at all levels in an organization
Ability to analyze problems and determine root causes, generate and evaluate alternatives, select among them, and implement solutions.
Possess excellent writing skills and the ability to communicate to teammates as well as technical and executive level staff
Results Oriented
Preferred Skills/Qualities
SANS recognized certification
Professional information technology/security certifications such as ITIL, CCNA and CEH will be preferred but related qualification (i.e. GCIA, CISSP etc.)
Other Special Working Conditions
Able to perform 12-hour shift duties (2 days’ work with 2 off-days). Working hours: AM - 8:30am to 8:30pm; PM - 8:30pm to 8:30am. Shift patterns and duration may vary from time to time.