Job Description

JOB DESCRIPTION Role Proficiency: Provide management for specific or multiple SIEM or EDR technologies for global customers to ensure and maintain the platform is functioning as expected. Ensuring contractual requirements are being met as well as proactively taking responsibility to guarantee resolution of issues and work items for the broader team. Outcomes: Monitor investigate and provide meaningful resolution for tickets and issues across multiple SIEM or EDR types across multiple customers. Escalate issues observed to a team member if appropriate to ensure optimal performance within the supported platform Assist with service requests for platform types such as access requests as well as more targeted requests for specific modules on platforms such as dashboard creation and query support. Investigate complex issues to ensure optimal service for internal and external stakeholders. Provide assistance with maintenance activities helping to improve understanding of architecture of platforms being supported. Practice self-study to build proficiency for supported toolsets Proactively develop and maintain documentation and knowledge articles for the boarder members of the team related to customer support Generate relevant reporting as required for platforms supported on a regular basis ensuring internal and external reporting requirements are met. Regularly engage with Technical Account Managers and Delivery Leads to ensure that any potential changes to service are captured early as well as keeping informed of any in-life issues. Ensure in-life requests are appropriately delivered based on the contractual arrangements with the customer to guarantee the appropriate service is provided Ensure requests are actioned in a timely manner within this role and junior roles to ensure effective maintenance and management of the customer platform. With minimal supervision provide support where required to other platform engineers by taking ownership of issues and ensuring requests are rectified focusing on impact to the customer Provide supervision and guidance to junior members of the team. Measures of Outcomes: Percent of Adherence to processes and methodologiesa.Percent of adherence to SLAs for in- life ticketing processesb.Percent of adherence to workflows and completeness of audit trail for all activities Productivity score maintaineda.Number of issues identified early in case of issues delivering tasks or workload.b.Number of issues with effective evidence provided for escalations during triage. Number: of opportunities to enhance change documentation to ensure processes remain relevant for the broader team. Number of relevant skill related training and development activities undertaken evidenced by certification. Number of opportunities to alert and improve helping to reduce false positives Outputs Expected: Technical Expertise: Show comprehension and experience in the specific SIEM or EDR platform that Platform Lead is responsible for. Comfortable with and an awareness of the supported customers. Capable of providing support towards high level customer QBR (Quarterly Business Review) preparation. Use technology to identify and be able to implement technical solutions to issues with queries/rules/dashboards/data feeds Provide input to customer requirements or issues i.e. The ability to understand and translate a customer requirement into a technical solution and how that can be achieved within the respective platform. Provide support to Junior members. Platform Management - Incidents and Requests: Ensure team members are providing accurate updates to appropriate Service and Change Requests ensuring the audit trail is preserved and SLAs are achieved. Take the lead on identifying issues with the specified platform type or its supporting infrastructure. Monitor and trend performance of team members to ensure support can be provided early if there are issues with a particular technology or service Proactively identify issues with behavioural analysis/patterns along with suggestions for resolutions. Provide support to Junior members and broader team strategy to ensure the companies vision can be successfully achieved. Stakeholder Focus: Ensure relevant customer information of reporting metrics is provided in a timely manner. Engage with customer/TAM/Project team where required. Ensure customer specific processes are being followed. Undertake mandatory and proactive learning and development opportunities. Skill Examples: Good communication skills Skill in being prepared to undertake background check/validation ensuring integrity. Ability to work unsupervised with the assigned SIEM or EDR technologies and their supporting infrastructure Ability to manage a team of staff in a technical security environment Ability to demonstrate leadership with processes or strategy. Able to work with multiple querying languages Aptitude in working with querying data and the role of a SIEM/EDR Ability to show analytical skills working across multiple technologies and customers. Knowledge Examples: Knowledge Examples Experience in working with Security Operations and/or EDR/SIEM Platform Management role. A deep understanding of the workings of supported toolsets and technologies. Knowledge of IT Infrastructure and basic networking concepts Comprehension of MITRE ATT&CK framework and how it can be applied to use cases. Knowledge of creation of detection rules for SIEM/EDR as well as improving and enhancing. Experience with Big Data and Data manipulation. Desirable: Certifications in IT infrastructure / SIEM / EDR / Ethical Hacking Desirable: Academic qualifications and/or relevant work experience in lieu of qualification. Additional Comments: CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter - and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively. CyberProof is part of the UST Global family. Some of the world\'s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services. Cyberproof is seeking a skilled and experienced EDR Platform Security Analyst to join our team. The EDR Security Analyst is responsible for managing, monitoring, and analyzing the endpoint security environment via EDR tool and alerting the respective team for any suspicious activity. The skills and capabilities we require in these new resources are as follows: . A minimum of 4-6 years of experience in an information security role, preferably with experience in EDR solutions. . Knowledge of endpoint security best practices, vulnerability management, AV and threat mitigation techniques. . Experience in setting up and managing Linux servers, configuring Linux systems, and troubleshooting Linux-related issues . Expertise in Windows Technologies. . should be familiar with scripting languages such as Bash, Python or Powershell . Ability to work independently and as part of a team.

foundit