Search for More Jobs
Forward job to a friend
Apply without Registering
Apply by creating/using an account
Please enter your registered email address, and we'll email you a link to reset your password right away.
Top Skills Set The Manager is Looking for:
Overview: To provide high quality security device management and support services to Managed Security Service customers. This can include (but not limited to) Firewall, IDS/IPD, VPN Concentrator, VM/Scanning Systems and SIEM in either a leveraged or dedicated delivery team model.
Key Job Responsibilities
• Working incidents based on standard service measures.
• Provide technical support to customers across the managed service portfolio.
• Responding to device alerts through in-house proactive alerting system.
• Support customers via on-site, and/or remote phone and email.
• Liaise with vendors to support customer devices and environments.
• Attending technical training to retain skill levels across portfolio.
• Qualifications Technical certification in at least 1 security or network products set
• 2 years related experience
• An understanding of networking technologies
• Experience in a Support environment
• Experience of working within a team environment
• Excellent customer service skills
• Pro-active attitude to troubleshooting support issues
• Evidence of trouble-shooting skills
• Experience working with packet captures/tcp dumps
• Knowledge of different security platforms available with experience of configuring/managing at least one of the following
- Checkpoint firewall
- Juniper Netscreen/SRX firewall
- CISCO PIX/ASA firewall
- Bluecoat Proxy
- F5 load balancer
• Knowledge of Checkpoint, F5, Bluecoat, MacAfee and Juniper Products
• Familiarity with SIEM, IPS/IDS and VPN Technologies and Authentication Software
• Familiarity with Microsoft and Citrix servers.
• Familiarity with ITSM/ ticketing systems.
The primary function of this role is to participate as a mid-level member of a 24x7 Security Operations Center (SOC) team, delivering the required actions as described within agreed guidelines and follow standard procedures to maintain, manage and report on the security event management and infrastructure events of our clients.
* Applying knowledge of a client's security policies and procedures to detect, analyses and prevent both internal and external security breaches using SIEM and other security event monitoring tools
* Research and document appropriate information to support escalations of complex security issues to Senior Analysts or appropriate engineers
* Actively monitor the SIEM/security monitoring tools in order to identify anomalies and other event not automatically detected
* Develop basic SIEM/security monitoring tool event filters
* Lead or assist rule development activities to need to increase detection efficiencies and help in the prevention of malicious attacks
* Provide vulnerability assessment analysis to clients/accounts based on scanning technology output.
* Experience in networking, operational security management and telecommunications;
* At least 4 years' experience in a security analyst/administrator role in a complex environment;
* Extensive knowledge of security products and network topology;
* Extensive knowledge of TCP/IP and other protocols;
* In-depth knowledge of current Internet security attacks and prevention.
* Experience in security analysis tools such as ArcSight, LogRythm, QRadar, etc.
* Strong knowledge of leading enterprise commercial firewall technologies (certifications preferred);
* Strong knowledge of structured intrusion detection, tracking and analysis using industry leading commercial technologies (certification preferred);
* Specific knowledge of Windows security issues;
* Specific knowledge of Unix security issues;
* Excellent English communication skills, both verbal and written. Other language skills are an advantage;
Preferable Certification: CPT, CEPT, ECSA, GCIH (SANS), GCIA (SANS)
Apply by creating/using an account