Senior IT Security Specialist

Company description:

Digicel Group Limited

Job description:

Primary objective of the job: 
 

The Senior IT Security Specialist you will assess SIEM/intrusion detection system, manage IDP and IAM solutions, endpoint protection coverage and health, perform alert and event analysis, vulnerability management, system hardening, KPI and SLA management, perform incident investigation, and perform other ad hoc security related activities from time to time. Additionally, monitor threat and vulnerability news, and coordinate / follow-up on activities and communications with key external security partners and other internal stakeholders including IT/Technical teams.

Main Duties and Responsibilities:

• Understand and perform level-2 triage of the alarms, events and threats escalated by our security operations center and globally deployed SIEM/IDS platform
• Quickly and accurately define mitigation plans in order to respond to different source of threat such as Malware, insider threat, external compromise, etc
• Respond/Coordinate efforts between key stakeholder teams to emergency security threats from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus
• Collaborate with technical leads across all markets: IT, Technology, Service Desk, Applications owners on matters related to security monitoring, testing, configuration, remediation and compliance across global footprint
• Collaborate with security partners, consultants and auditors for required activities.
• Report accurately and in timely manner on security incidents and global threat landscape to Group Security Management Team
• Manage and maintain vulnerability testing platforms and configure/control the vulnerability scans, schedules, tracking and remediation activities across every market
• Ensure follow-up of vulnerability patching, system hardening, coverage of security tools and agents deployed on endpoints/user accounts/network systems as required to maintain policy compliance and as per directives
• Generate and improve vulnerability management reports and Key Performance indicator (KPI) reports and to assist with the distribution across all country admins and executive teams.
• Find innovative ways to promote and support security remediation and good security practices with Digicel’s entities
• Ensure collection of logs and artifacts for further investigation, troubleshooting, detection of malicious/suspicious activity as necessary or directed
• Assist in incident response activities
• Report findings of investigations targeting technical and non-technical audience
• Assist in the deployment and/or assessment of new security tools/controls, and providing subject matter expertise to the review of new and proposed system by any business unit across the global enterprise
• Provide support to other security team members and other activities as assigned from time to time

Academic Qualifications and Experience Required:

• Bachelor’s degree in IT/Computer Science, or equivalent education and/or experience
• Two (2) - three (3) years’ experience in Cybersecurity, IT/Network Administrator or equivalent knowledge OR Two (2-3) years of experience in IT Security domains (Network/IT security, security operations, compliance and regulations)

Functional Skills:

Technical:

• Strong general knowledge of IT and networked systems: web servers, active directory, mail servers, file servers, databases
• Good knowledge of virtualized/cloud computing (Iaas, Saas, Paas), Azure networks and their security
• Capable to use and create scripting commands using Powershell
• Strong knowledge of Unix/Linux and Windows Operating system and their security
• Strong understanding and knowledge of network and application security principles
• Strong knowledge of TCP/IP, common internet protocols and applications
• Experience with Network protocols and packet analysis tools
• Sound knowledge of various security methodologies and processes, and technical security solutions (firewall, DDOS solutions and intrusion detection systems)
• Good understanding of cloud based critical infrastructure systems security threats
• Understanding of latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures
• Industry accepted certifications preferred (eg. CISA, CISSP, CISM, GIAC, Comptia Security+, Azure Security Engineer)

Personal:

• Deeply passionate about cybersecurity and emerging technologies and techniques utilized by threat actors
• Out of the box thinker that enjoys constantly learning new things and can adapt that education into new processes
• Dynamic with an excellent analytic skills
• Excellent reporting and documentation skills
• Ability to prioritize tasks