· Follow direction of Network Operations Center Manager and Senior Manager, Information Security.
· Queue management / initial fielding of service desk requests into the InfoSec Team from 3rd parties and business.
· Support and initial escalation point for local Information Security Engineers with input into global InfoSec team.
· Contribute to the preparation and maintenance of Standard Operating Procedures (SOP), Troubleshooting and Knowledge Base documentation
· Event Management initial triage (e.g. Anti-Virus and security device alerts) including assessing urgency with escalation as necessary to wider InfoSec and NoC teams.
· Proactively investigate Security Information and Event Management (SIEM) and network traffic logs for potential issues.
· Manage, and assist with security tool configuration and tuning including, regular audits to ensure optimal health and performance.
· Troubleshooting components using proven techniques for IT systems analysis and evaluation.
· Undertake phishing analysis and associated end user assistance.
· Assist with vulnerability management tracking and escalation.
· Participate in execution of annual audit(s) with vendor and internal personnel (e.g. SSAE18)
· Support new security projects and initiatives
· Follow defined processes for workflow, incident and change management, participating and highlighting potential improvements.
· Ensure deliverables as per expected to KPI, KRI and SLAs
· Willing to work in 24X7 environment.
· Detailed and thorough documentation of all tasks.
- Other duties as required
· Good academic background with a degree or equivalent experience in Information Technology.
· 3 years’ experience in IT operational environments and active interest in expanding computing and security operations knowledge.
· Understanding of security practices, standards and vulnerability identification, verification, and remediation (CIS, NIST, SANS top 25, etc.).
· Knowledge of common desktops, web application, database, cloud architectures, cryptography, SSO authentication (e.g. Oauth2, SAML, WS-Fed, etc.), system administration tasks and basic networking.
· Works well in a busy team, being quick to learn and able to deal with a wide range of issues.
Industry certifications are a plus:
o CompTIA IT Fundamentals
o CompTIA A+
o CompTIA Network+
o CompTIA Security+
o CompTIA CySA+
o ISC2 SSCP