Key skills
AzureCloudLinuxTCP/IPUnixActive DirectorySaaSNetwork SecurityFirewall
About this role
Role Overview
- Assess SIEM/sensor coverage and health
- Perform alert and event analysis, vulnerability management, KPI and SLA management
- Perform incident investigation, and perform other ad hoc security related activities from time to time
- Monitor threat and vulnerability news
- Coordinate / follow-up on activities and communications with key external security partners and other internal stakeholders including IT/Technical teams
- Perform level-1 triage of the alarms, events and threats escalated by our security operations center (SOC) and globally deployed SIEM
- Quickly action mitigation plans as per SLA in order to respond to different source of threat such as Malware, insider threat, external compromise, etc
- Maintain and troubleshoot security systems deployed across all market networks, on all endpoints, and cover user accounts
- Track coverage of security tools deployed, assist in new deployments, upgrades, changes and other global projects as directed
- Track and report on security non-compliance related to endpoint security coverage, device hardening, AD accounts, or other various security areas as assigned
- Respond and provide security guidance to remediate incidents and issues within SLA
- Respond/Coordinate efforts between key stakeholder teams to emergency security threats from Firewall (FW), Intrusion Detection Systems (IDS), Access Control, Email Threat Protection, and Antivirus
- Collaborate with technical leads across all countries: IT, Technology, Service Desk, Applications owners on matters related to security across global footprint
- Report accurately and in timely manner on security incidents and global threat landscape to Group Security Operations Manager
- Manage and maintain vulnerability scanning platform and configure/control the vulnerability scans, subsequent market-level reporting and also provide remediation guidance and perform follow-up tracking as necessary
- Assist to generate and improve findings from security tests, assessments, reports and Key Performance indicators (KPI)
- Find innovative ways to promote and support good security practices with Digicel’s entities
- Collect logs and evidences for investigations and provide support as needed
- Perform other duties as assigned from time to time
Requirements
- Bachelor’s degree in IT/Computer Science, or equivalent education and/or experience
- One (1)
- two (2) years’ experience in IT/Network Administrator or equivalent knowledge OR
- One (1) year of experience in IT Security domains (Network security, security operations, compliance and regulations)
- Good general knowledge of IT and networked systems: web servers, active directory, mail servers, file servers, databases
- Good knowledge of Unix/Linux and Windows Operating system and their security
- Working knowledge and understanding of network and application security principles
- Working knowledge of TCP/IP, common internet protocols and applications
- Knowledge of virtualized/cloud computing (Iaas, Saas, Paas), Azure networks and their security
- Familiarity with Network protocols and packet analysis tools.
- Knowledge of various security methodologies and processes, and technical security solutions (firewall, endpoint protection, system hardening, DDOS protection and intrusion detection systems).
- Understanding of cloud based critical infrastructure systems security threats
- Familiarity with security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures.
- Industry accepted certifications preferred (eg. CISA, CISSP, CISM, GIAC, Comptia security+, Azure fundamentals)
Tech Stack
- Azure
- Cloud
- Linux
- TCP/IP
- Unix
Benefits
- Health insurance
- Professional development opportunities
- Paid time off