Responsibilities
- Act as Incident first responder for a 24/7 staffed SOC
- Perform security monitoring, vulnerability management, data loss / policy violation prevention and threat hunting
- Monitor security sensors and review logs to identify network anomalies or intrusions
- Provide analysis from monitoring, research and assessment of security log data from a large number of heterogeneous security devices
- Escalate security incidents using established policies and procedures in a timely manner
- Liaise with Ensign customers on security intrusions, identifying root cause and recommending mitigation steps or remedial actions
- Perform initial analysis of security events, network traffic, and logs
- Assist with the development of incident response plans, workflows, and SOPs
- Work directly with threat intelligence analysts to convert intelligence into useful detection
- Monitor the Managed Endpoint and Detection Response (MDR) platforms and perform analysis of notifications
- Perform response actions on the Managed Endpoint and Detection Response (MDR) platforms based on standardized workflows and agreements with clients
- Act as the liaison for configured alerts that monitor the performance of security sensors and tools
- Fulfil Change Requests and Service Requests, and respond to internal and external enquiries regarding Incident Management
Requirements
- Diploma/Degree in Information System/Information Security from a recognized institution
- 1 year of working experience in networking environment
- Basic, yet sound knowledge of network routing and switching fundamentals, including Multiprotocol Label Switching (MPLS)
- Basic, yet sound technical understanding of operating systems, network architecture and design
- Understanding of network, server and application fundamentals and their protocols within the OSI layer framework
- Basic, yet sound knowledge of encryption, key management and cryptology
- Proven ability to plan and prioritize work, both their own and that of the project team
- Sound understanding of organizational issues and challenges. Able to work effectively with participants at all levels in an organization
- Ability to analyze problems and determine root causes, generate alternatives, evaluate and select among them, and implement solutions
- Possess excellent writing skills and the ability to communicate to teammates as well as technical and executive level staff
- Results Oriented
Preferred Skills /Qualities
- Professional information technology/security certifications such as CCNA and CEH are preferred; related qualifications (e.g. GCIA, CISSP) will be an advantage
Other Special Working Conditions
- Able to perform 12-hour shift duties (2 days on, 2 days off)