Job Description

• Monitor and analyze Intrusion Detection/Prevention Systems (IDS/IPS), Endpoint Security, Endpoint Detection and Response (EDR), and Security Information and Event Management (SIEM) events. Managing IDS, IPS, and SIEM rules.
• Creates and maintains IT Policies and Standard Operating Procedures.
• Consolidate and conduct a comprehensive analysis of threat data.
• Perform threat hunting and provide prevention measures.
• Evaluate the efficiency, effectiveness, and compliance of operation processes with corporate security policies and related regulations.
• SIEM administration and log reviews for effective monitoring.
• Creating rules and correlation events including incidents.
• Creation of custom and compliance reports weekly and monthly trend analysis reports for critical events.
• Patch management and vulnerability management to track vulnerabilities being exploited in the wild and follow through with the fixes needed to be implemented.
• Work with the teams on internal and external audits, due diligence checks as per the ISO 27001 controls.
• Manage IT Security Projects and Audit.

Requirements:

• Bachelor's degree in IT security-related discipline or equivalent experience.
• CISM, CISSP, GIAC, or relevant security certification would be an advantage.
• Working knowledge of application & infrastructure security solutions (Firewalls, Intrusion Detection/Prevention Systems, Network Security, Password Management, Data Encryption, and Access Control) including Cloud security.
• Prior experience in implementing security solutions and versed with information security best practices.
• Good domain knowledge of information security governance and equipped with a strong risk management background.
• Knowledge and understanding of emerging risk areas, e.g, remote access, DLP, secure application development practices, etc