Job Description:
- Support in performing security assessments in line with established methodologies;
- Support in development of assessment reporting outputs;
- Support in reviewing security-related events, assessing risk and validity, as well as reporting;
- Support in analyzing network traffic to assist in generating new attack signatures;
- Support the Firm’s Advisory, Implementation and Operation engagements in Security Operation Center (SOC) / Managed Security Services (MSS);
- Support in the build and enhancement of cyber threat situational awareness and threat intelligence programs;
- Support in utilizing security monitoring technologies and products such as SIEM tools to monitor, triage, report, and resolve security related incidents following a pre-defined incident response process;
- Support in the co-ordination with security vendors to understand their solution offerings and advise clients on appropriate technologies.
Qualification & Skills
- Bachelor’s or Master’s degree in Computer Science, Engineering, Management Information Systems, Information Security or related field; Master’s degree is a plus;
- Strong technical skill-set across various technologies and platforms including Operating Systems (Windows, UNIX, Linux); Databases (Oracle, SQL etc.), Networks (LAN and WLAN) and Network Infrastructure (Routers, Switches, Firewalls etc.);
- Knowledge of security standards/best practices (ISO 27001, ISF, SANS, etc.); Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), User Behavior Analytics (UBA), Endpoint Detection and Response (EDR), Situational Awareness Monitoring, Managed Threat Detection and Response (MDR); Threat Intelligence; Threat Hunting;
- Good knowledge of how Security Operations Centers (SOCs) operate, including processes and procedures for threat management, engineering, operations, and continuity;
- Strong technical security configuration and networking skills;
- Good to have: an Information Security professional certification such as CISSP, CCNA, CCNP, CCIE, CCSP, or CISM that establishes credibility and capability in the Information Security market.
Experience
- 06 to 08 years of experience in the provision of cyber security services