As part of the Information Security team, you will provide industry standard Tier 2 Support to Bapco’s IT Security Operations Centre by ensuring effective incident detection and response against information security threats for protecting system integrity and availability.
You will serve as a first line of cybersecurity defense, triaging all cybersecurity events and alerts, detecting and investigating suspicious and malicious activity within networks and systems, taking immediate containment and response actions for protecting system integrity. You have the ability to work outside normal business hours and/or to be in an on-call rotation to assist with troubleshooting security related issues.
ROLE AND RESPONSIBILITIES
You will be responsible to:
- Continuously monitor, by using Security tools, User Activity, Network Events and alerts that merit investigation to eliminate minor threats or false positives.
- Categorize all detected real threats, conduct further analysis, decide on a strategy for containment and initiate actions to ensure minimum impact on availability and integrity of systems, data and operations.
- Identify the scope of incidents affecting systems by using tools such as Security Incident & Event Monitoring (SIEM), Threat Intelligence (TI) and Indicators of Compromise (IoC’s) and take effective actions to remediate threats.
- Escalate severe incidents (Tier3) and critical breaches to Senior Analyst IT Security Operations, to facilitate advanced incident handling for avoiding the business disruptions.
- Participate in security incident management and vulnerability management processes to ensure that corporate data and technology platform components are safeguarded from known threats.
- Follow the Incident Response process to its conclusion and documents all relevant information in case further remedial actions are required and for future reference.
- Document and initiate any Requests for Change required by the Incident Response process to prevent or mitigate future incidents.
- Perform regular housekeeping, maintenance and configuration of IT Security systems and monitoring tools in accordance with documented Bapco standards and procedures, maintain detailed records of such activities, to ensure optimal performance.
- Provide recommendations in tuning and optimization of security systems, SOC security processes, procedures and policies.
- Participate in evaluating, recommending, implementing, and troubleshooting security solutions and evaluating IT security of the new IT Infrastructure systems.
Qualifications
REQUIREMENTS
- BSc/MSc Degree in Computer Science or equivalent
- Relevant IT Security Certifications from recognized institution.
- 7+ years in Information Security, with minimum 3 years in a Tier 2 Security Operations role.
- Strong understanding of security incident management, malware management and vulnerability management processes.
- Security monitoring experience with one or more SIEM technologies and intrusion detection and prevention technologies, with demonstrated skills in digital investigations including computer forensics, network forensics, malware analysis and memory analysis.
- Ability to analyze data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
- Strong understanding of networking principles including TCP/IP, WANs, LANs, network ports and Internet protocols such as SMTP, HTTP, FTP, POP, LDAP, SSH, etc.
- Knowledge of Firewall, IPS/IDS, A/V, Proxy, VPN technologies.
- Understanding of programming and scripting such as Python, PowerShell, etc.
- Good knowledge of IT Infrastructure, IT Networks, Operating Systems, Client-Server applications, Cloud solutions and Cloud Security architecture requirements.
- Good written and spoken communication skills with the ability to communicate effectively at all levels.
- Detail oriented with strong organizational and analytical skills.
- Self-starter and good team-player, with ability to effectively prioritize and execute tasks under pressure
- Fluent English.
Comments
Post a Comment