- Monitor day-to-day operations to ensure performance of information security infrastructure
- Respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches
- Monitor security alerting for any anomalies and fine-tune security alerts as necessary
- Proactively perform threat hunting and security risk assessment within DOA network
- Analyzing risks and threat intelligence, acting as the internal expert for threat detection and incident response
- Monitor security tools for alerts and provide support within SLA guidelines
- Taking the lead when attacks do occur and remediating the event.
- Managing security processes, policies, tools, documentation, and day-to-day administration
- Participate in security architecture and consulting with other IT teams and departments
- Perform weekly systems patching across DOA enterprise servers, workstations and laptops
- Develop methods and protocols to increase security posture
- Participate in cyber training for end users
- Providing weekly security vulnerability and remediation reports
- The applicant must be able to manage multiple projects and/or tasks concurrently
- Knowledge of all applicable laws, ordinances, policies, standards, and regulations pertaining to the specific duties and responsibilities of the job
- Create security procedure documents, incident reports, runbooks and playbooks
- Perform Business Impact Analysis and develop Incident Response plans, business continuity plans and disaster recovery plans.
- Required to work after hours and weekends when needed. Be on-call for scheduled after-hour emergencies and respond to after-hours emergencies as needed
- Must have overall 5+ years of experience in cyber security domain
- Must have 3+ years of hands-on experience with Qualys security suite of tools
- Must have 3+ years of experience with SecureWorks
- Experience with Cisco Umbrella, Minerva Labs and Windows Defender ATP
- Understanding of Microsoft Azure and Amazon Cloud platform security solutions
- Experience with Identity Management and Role Based Access methods
- Experience with Microsoft Intune and Azure Security Center
- Expert knowledge in network and operating systems architecture
- Strong experience in Cisco ASA and Palo Alto firewalls in implementing IPS/IDS and network segmentation
- Proficient in packet analysis, sniffer applications and experience on tools such as Wireshark
- Strong fundamentals on TCP/IP concepts, DNS, DHCP, LANs, WANs, WLAN, and SNMP
- Bachelor’s degree in Computer Science or Information Systems
- Certifications like CISSP, GSEC, CEH, CRISC, CISM, etc. are a plus