Officer- Cyber Application Security

Deadline: 29/2/2024

Job Description:

Main Responsibilities and Duties:

  • Management of 3rd-party physical and logical access connected systems and providing the appropriate response to them, including but not limited to:
  • Intrusion Detection & Prevention Systems (ID&PS).
  • Anti - Virus / Endpoint Security Solution.
  • Hosted Email Security / Office Scan.
  • Data Leakage / Loss Prevention System.
  • Security Incident & Event Management System (SIEM).
  • File Integrity Monitoring System (FIM).
  • Privileged Access Management System (PAM).
  • Vulnerability Scanners.
  • Single Point of Contact (SPOC) for Cyber Security & Incident Response Process.
  • Single Point of Contact (SPOC) for Security Operations Center (SOC) Team.
  • Monitor the company's security infrastructure, identifying and reporting real-time attacks and vulnerabilities on the network to the Information Security Department.
  • Identification of incidents and subsequent analysis and investigation to determine their severity and the response required.
  • Ensure that incidents are correctly reported and documented in accordance with Switch Cyber Security & Incident Response policy and procedures.
  • Be prepared to provide a technical escalation point during security incidents, establishing the extent of an attack and the business impact to the concerned members of the CIRT Team and the Information Security Department.
  • Maintain a keen understanding of evolving threats and vulnerabilities to ensure the security of the organization’s network.
  • As required update Protective Monitoring/SOC documentation, processes and procedures and ensure accuracy.
  • Execute analysis of email-based threats to include understanding of email communications, platforms, headers, transactions, and identification of malicious tactics, techniques, and procedures.
  • Utilize and adhere to defined workflow and processes driving the Threat Monitoring and escalation/handoff actions.
  • Analyze potential cyber threats from a variety of intakes taking appropriate response actions to include threat containment and/or escalation.
  • Process tactical mitigations based on results of analysis and determination of threat validity.
  • Follow escalation and handoff procedures to concerned CIRT team members and leadership based on defined threat and priority determination.
  • Utilize a variety of security tools and technologies to analyze potential threats to determine impact, scope, and recovery.
  • Leverage network security tools and capabilities to support Cyber Threat Monitoring activities.
  • Document results of cyber threat analysis effectively and prepare comprehensive handoff and/or escalation for Incident Response Reports.
  • Stay up-to-date and evaluate security trends, evolving threats, risks and vulnerabilities and apply tools to evaluate and mitigate risk.
  • Respond to and support activity during incident response, including malware outbreaks, zero-day vulnerabilities and other major security events.
  • Occasional need to work varied shifts, including weekends and holidays in support of incidents or other events.
  • Identify and create incident tickets and validate remediation with the CIRT Team / End Users to track resolution in the Ticketing System.
  • Perform review and validation of daily compliance reports to track business-as-usual and out-of-policy activities.

Technical Requirements:

  • Knowledge of Firewalls and ID/PS.
  • Vulnerabilities assessment and Patch management.
  • SIEM/FIM, log management, audit trails.
  • Knowledge of Incident Response and Computer Forensics.
  • Two or more years' industry experience with security products, effective learning skills, works well in a team environment, strong problem-solving skills.

Education:

  • College degree, preferably in Computer Science, or equivalent is required.
  • Will consider related field (or equivalent) experience.

Personal Competencies:

  • Good verbal/written communication.
  • Excellent interpersonal skills.
  • Works well under pressure.
  • Responsible attitude.
  • Positive team player.
  • Able to take initiative.
  • Good time management.
  • Attention to detail, methodical.
  • Customer service orientation.
  • Professional approach and conduct.
  • Eager to learn.

Required Certifications:

Any of the below certifications is a plus:

  • CTIA (Certified Threat Intelligence Analyst).
  • ECIH (EC Council Certified Incident Handler).
  • CSA (Certified SOC Analyst).
  • CHFI (Computer Hacking Forensic Investigator).
  • CEH (Certified Ethical Hacker).