Senior Information Security Analyst at PPS

Education:

• Bachelor’s degree or equivalent in information systems or Computer engineering/science
• Microsoft MCSE certification
• CISSP
• Cloud Certifications Beneficial
• Security Certifications Beneficial

 Experience:

• Minimum 10 years’ working experience in IT area.
• At least 3 – 5 years of Cybersecurity, IT Risk or Governance experience In large IT environments.
• Minimum 2 years’ experience identifying threats and developing appropriate protection measure
• Has good experience with large scale distributed systems and Cloud architecture.
• ITIL Service Management Experience
• Experience in IT Infrastructure Platforms
• Extensive technical know-how of security network devices (switches, antivirus, firewalls, cryptography, SIEM) and any other security networking hardware or software tools
• Proficient in all aspects of using a computer, ie MS Office package etc.

 Knowledge and Skills (maximum of 10):

• Knowledge of IT Security and Risk Management frameworks, policies, standards and technologies – ISO27001/2
• Malware Management Knowledge.
• Vulnerability and Patch Management
• OS/Application VM Knowledge
• Web monitoring solutions
• Data leakage on end points
• Virtual server protection
• Database monitoring
• Desktop Firewall and IPS solutions
• EDR Solutions

Competencies:

• Analysis
• Change Management
• Client Focus
• Creative and Innovative Thinking
• Effective Communication
• Quality Orientation
• Results orientation
• Teamwork

Duties and Responsibilities

Key Competencies, duties and responsibilities:

• Have a comprehensive understanding of cyber security defense-in-depth concepts
• Understand defense-in-depth point technologies
• Understand cyber security incident and alert response processes
• Have a strong infrastructure, network, database and application understanding to support cyber security decision making and lead security investigations.
• Configure, implement, and maintain all security platforms and any other related technology, such as anti-virus, routers, Anti-SPAM, switches, intrusion detection or intrusion prevention, firewalls, cryptography systems, SIEM, and MDM
• Plan and appraise ongoing assessment cyber security technologies including antivirus, application controls, firewall, SIEM, VPN, SSL, intrusion detection or intrusion prevention and other network component policies
• Guarantee network security best practices are executed through auditing: router, change control, switch, firewall configurations, and monitoring
• Responsible for periodic vulnerability testing, and lead remediation projects
• Articulate systems and methodologies as well as reply to security-related events and support in remediation efforts
• Coordinate and oversee log analysis for company managed services offerings to ensure customer policy and security requirements are met
• Maintain network security devices to enable pro-active defence of networks within a managed service SOC environment, providing protective monitoring to multiple commercial customers
• Work with customers to form and fix appropriate policy and signature rules. This comprises tuning and development of the creation of custom intrusion detection and SIEM signatures and rules, including the efficient on-boarding and understanding of varying customer log sources into SIEM environments
• Work in collaboration with appropriate stakeholders to ensure customers have devices that are fully operational and secure
• Work under strict change control processes to ensure only authorized changes are made to device
• Working with other teams in the organisation as a technical resource in all technical matters, such as educating and replying to clients on issues ranging from features, functionality to integration, specifications, and installation.