Responsibilities:
- Reviews real-time alerts to perform triage based on relevancy and urgency
- Creates new tickets for alerts that signal an incident & require Level 2 / Incident Responder review
- Collects and analyses cyber intelligence/intrusion reports and information security news covering new threats, vulnerabilities, products, and research, and distributes them on a routine basis
- Collects security data from a large number of heterogeneous security devices
- Manages and configures security controls and monitoring tools
- Performs real-time monitoring, trending and threat assessment on all notable security events
- Regularly maps constituency networks, through automated or manual techniques, to understand the size, shape, and perimeter interfaces of the constituency
- Interrogates constituency hosts for vulnerability status, focusing on each system's patch level and security compliance
Requirements:
- The team member will ideally have worked in an environment which has given exposure to and an understanding of problem identification and resolution, enterprise-class security (firewalls, encryption, compliance, access control) and enterprise-class log management (QRadar, ArcSight, LogRhythm, Splunk) or an industry-recognised logging environment.