Job Description

What you will do:

• Respond to security incidents as part of the Incident Response Team.
• Research attempted or successful efforts to compromise systems security, determines causes of security violations, and designs countermeasures.
• Analyse network access requests and make recommendations to management around risks posed by proposed changes
• Utilize analytical and investigative processes to perform threat hunting activities across the organization.
• Analyse existing SIEM correlation rules and make tuning recommendations.
• Contribute to align to security best practice, mitigate known risks and align with business compliance objectives
• Assist other security operational teams with daily tasks such as account management/role assignments, access reviews, patch management operations, audit/testing remediation.
• Create and update documentation and train peers.

Requirement:

• You're curious, passionate, authentic, and accountable. These are our values and influence everything we do.
• 2-3 years of information security experience.
• Demonstrated experience of various IT platforms (i.e. networking, system admin, scripting etc.).
• Demonstrate experience with some of the following systems/methodologies or be interested in expanding domain expertise to include:

• Networking
• Enterprise ticketing systems (e.g. ServiceNow)
• Cloud technologies (e.g. Azure, AWS, O365, GCP)
• Scripting languages (Python, Shell, PowerShell)
• Log management/SIEMs (e.g. Azure Sentinel , Splunk)
• IDS/IPS
• Web content filtering
• DLP
• EDR
• EPM
• Active Directory/Azure AD
• Identity Management & Governance
• Container Security
• Application Security (SCA, DAST, SAST)
• Threat & Vulnerability Management
• Email Security
• Strong communication and interpersonal skills as you will be interfacing with many internal customers.
• Ability to juggle multiple projects and priorities.
• Willing to work in shifts

Skills Required