Roles & Responsibilities

Responsibilities:

• Monitor Cybersecurity alerts on multiple security systems, issue RFIs, investigate the alerts, remediate, and track for closure.
• Create detection use cases and fine tune detection rules to strengthen detection and reduce false positives.
• Support and coordinate, maintenance, patching, upgrade and troubleshooting of security systems.
• Security Patch/Vulnerability Management.
• Compile monthly statistics on threats and trends.
• Assist in Cybersecurity project implementations.

Requirements:

• Good knowledge of IT security controls, patch management and be involved in operations of Enterprise ICT infrastructure.
• Working experience and fine-tuning/whitelisting with SIEM, EDR, WAF, DAM, IPS/IDS and Anti-Malware systems.
• Experience in Use case creation, log source enablement for SIEM and automation with SOAR.
• Threat Hunting and spoofed email analysis.
• Experienced with security practices of Internet, Intranet, WAN and Cloud networks.
• Good knowledge of Network, Architecture and Windows/Linux OS
  fundamentals e.g. IP addressing, AD, DNS, DHCP, IIS, MSSQL and
  SFTP.

Knowledge in the following area will be an added advantage:

• At least 3 years of working experience in security operations centre, ICT project implementations and support.
• At least 2 years of hands-on practical experience in configuring and monitoring security systems including SIEM, EDR, WAF, DAM, Antimalware, Log Management System, Intrusion prevention/detection systems, security patch management and security incident response.
• Experience in IM8 compliance or other cyber security frameworks e.g. NIST, ISO 27001, CIS. Experience in Windows/Linux Hardening. Security testing knowledge or certification for vulnerability assessment, penetration test and source code review will be a strong advantage.
  

Tell employers what skills you have

SIEM
Security Operations
ICT
Cyber Security
DHCP
EDRMS
ISO
IIS
ISO 27001
Network Architecture
IP
Hardening
WAN
Vulnerability Assessment
DNS