Experience and Qualifications:
- At least 2 years experience in IT Security
- CEH, CISSP, OSCP or relevant IT Security Certification
- General knowledge of security tools and techniques
- Ability to communicate effectively, both verbally and in writing
- Strong sense of professionalism and ethics
- Passion for and interest in information security
- Team player
Responsibilities and work output:
- Execute agreed upon monthly scans
- Perform analysis of scan results and document findings.
- Provide analysis document to operational teams and management.
- Execute on initiatives in support of continuous improvement of the monitoring platforms.
- Monitor firewall for incidents daily (Monday to Friday).
- Subscribe to threat feeds relevant to our industry and monitor for threats they might impact the company.
- Ensure reported incidents, regardless of channel (e.g., self-detected, ESD, SOC), are logged and assigned to the correct operational team(s).
- Ensure that incidents are handled within SLA times.
- Escalate incidents to management if severity (i.e., impact) of incident requires it.
- Ensure that the company Cyber Incident Response plan is adhered to in the handling of incidents.
- In the event of a large-scale incident, participate in the cyber incident response effort.
- Assist the security team in executing coordinating monthly penetration tests
- Adhere to agreed timelines for tests.
- Adhere to the agreed penetration testing process.