POSITION DESCRIPTION:
Responsible for working in a Citco Security Operations Center (SOC) environment. Provides analysis and trending of security log data from a large number of heterogeneous security devices on the Citco network.
Provides Incident Response (IR) support when internal analysis or the outsourced Managed Security Service Provider (MSSP) confirms an actionable incident.
ORGANIZATIONAL RELATIONS:
This position reports to the IT Security Operations Manager and is a key position within the IT Security group which is responsible for overseeing the information security program within Citco.
PRINCIPAL ACCOUNTABILITY:
A. Technical Expectations / Professional Practices:
Review and act on the alerts as provided by the MSSP and Citco internal tools.
Manage and escalate security issues according to established escalation procedures and report to the established management structure.
Ensure security events are being monitored, acknowledged, and acted upon. Liaise with the appropriate security analysts, data owners and development teams as necessary to determine and mitigate vulnerabilities / threats.
Capable of assisting with the management of Windows systems.
Provide daily monitoring and full analysis reports, and analyze network and security platforms.
B. Administrative Expectations:
Ability to work independently, with or without direction and/or supervision.
Portray professional demeanor.
Communicate and prepare written material in a professional manner.
Maintain a tidy desk and work environment.
Accept responsibility and personal accountability.
Maintain good attendance and punctuality.
Demonstrate flexibility and adaptability in approach to work.
Demonstrate use of professional judgment on the job.
Demonstrate effective teamwork and working relationships with others, both from Citco and external clients.
DESIRED EXPERIENCE, QUALIFICATIONS & ATTRIBUTES
2-4 years’ experience in a consulting environment or as a System Administrator, with an understanding of networking principles in a global environment across multiple data centers.
Experience with network security systems (firewalls, IDS / IPS, etc.), event correlation solutions (SIEM), and log parsing solutions.
Experience with malware and incident handling.
Technical familiarity with Microsoft and Unix operating systems.