Mar 21, 2019 - Full time
Responsibilities
• Manage, coordinate and govern the Cyber Security Engineering Platforms vendors, ensuring the Group's prevention, detection and response capabilities are set up to their full potential and operate as expected.
• Coordinate Cyber Security Engineering Platforms maintenance and support with vendors, to ensure uptime and performance meet the defined targets and comply with SLAs.
• Ensure the Cyber Security Platforms Disaster Recovery Plan is adequate and complete. Coordinate annual drills on the Cyber Security Platforms DRP and resolve any identified deficiencies.
• Support the Threat Management and Incident Response Senior Manager, to ensure the company has the right technologies and controls established to maximize Threat Monitoring and Incident Response capabilities.
• Platform management and continuous improvement of Network Detection and Response and Next Generation platforms.
• Coordinate the implementation of use cases in threat monitoring solutions, to maximize detection capabilities.
• Drive the implementation and improvement of the automation and orchestration framework, building automated playbooks from Detection to Protect or Respond functionalities.
• Define and implement the needed Cyber Security Metrics in Cyber Security Platforms, along with the Cyber Security Metrics and Reporting Manager.
• Coordinate solution integration between company and vendor technologies, to enhance Protection, Threat Monitoring or Incident Response capabilities, along with orchestration of those solutions.
• Support the Threat Intel and Incident Response teams so that, for a given identified Vulnerability, Threat or Risk, the capabilities to Protect, Detect or Respond against it are maximized. Coordinate the implementation of any needed changes with our vendors in response to those identified Vulnerabilities, Risks or Threats.
• Coordinate and manage professional services, or external vendor analysts, when needed, to perform Cyber Security Engineering duties.
• Partner with key service providers to support Cyber Security Engineering needs.
• Lead the development, documentation and maintenance of Standards, Procedures, SOPs and a knowledge base for Cyber Security Engineering related services.
• Continuously improve knowledge of tools and best practices in Cyber Security Protection, Threat Monitoring and Incident Response.
• Evaluate new and emerging Cyber Security technologies and make recommendations for adoption within the Group.

Requirements
• 6+ years' experience in a hands-on technical role in Cyber Security Engineering for Security Operations, or in Security Monitoring solutions engineering.
• Excellent knowledge of SIEM, Security Monitoring, Machine Learning, Behavior Analytics, Advanced Persistent Threats, and the attack tools, techniques and methods used by adversaries.
• Excellent knowledge of the design, installation, configuration and management of SIEM.
• Excellent written and verbal communication skills and the ability to escalate to management in a timely manner.
• Experience in multicultural virtual team management and coordination.
• Strong decision-making capability on remediation actions in response to security engineering incidents.
• Ability to define, prioritize and execute processes in a structured manner.
• Experience with networking and TCP/IP traffic, along with firewall, SIEM, Orchestration, IPS, NGAV, EDR, APT, DLP, proxy and antivirus solutions.
• Desirable: Experience with a programming/scripting language.
• Desirable: CISSP, IBM Certified Associate Administrator - Security QRadar SIEM Certification, HP ArcSight Security Administrator Certification, Splunk Architect Certification.