Main Purpose : To be part of the Security Operations team, focusing on the engineering and roll-out of ITT Security Solutions and providing Level 2 / 3 security escalation support.
Knowledge, Skills and Abilities :
Role overview and experience / skill-set required :
Candidates should be well rounded in the security area, specialising in Security Engineering. Candidates should also have relevant experience with security monitoring, management and response.
Key areas and specialities as follows :
Security Engineering :
Cloud (AWS and Azure) Security Configuration and Management
Experience working with security monitoring systems (ArcSight, Secureworks, etc.).
Google Rapid Response toolkit
Strong engineering experience with security aspects of Windows and Linux operating systems
Strong engineering experience with security aspects of Windows Active Directory
Experience and knowledge of IT Security solutions and industry.
Microsoft Security Products, specifically :
Azure Password Protection Active Directory
Azure Advanced Threat Analytics
Strong scripting experience (Ansible, PowerShell, Python / Perl).
Security Response :
Malware handling experience. Experience with tools such as Sysinternals and Wireshark. Advanced malware analysis skills such as disassembling and unpacking are not required, though they could be advantageous.
AV experience to the level of being able to run cleaning tools and submit the virus sample to VirusTotal and the vendor in question.
Understanding of AV severity and appropriate response - clean vs re-imaging.
Knowledge and ability to write basic scripts in scripting languages (e.g. PowerShell, Perl, Python).
Understanding of AD and LDAP environment and queries via scripts.
Ability to coordinate with Infrastructure team (CERT experience) during an incident or clean-up coordination.
General understanding of vulnerabilities and exploits.
Understanding of infrastructure security and computer incident response; prior work in a Security Operations Centre.
Job qualifications :
B.A. or B.S. in a technical field or a relevant combination of education and experience.
Technical, analytical and interpersonal skills required.
CISSP or equivalent security qualification or training will be looked on favourably.
5+ years of expertise in implementing, administering, and troubleshooting infrastructure in a corporate environment.
Minimum of 10 years working in IT.
Key Relationships :
Internal IT Teams
Reporting directly to Head of IT Security Engineering