Cyber Security Engineer
Security Matterz
مجموع سنوات الخبرة :9 years, 8 أشهر
Implementation of SIEM solution LogRhythm.
Install and configure system collectors and develop use cases.
Analyses console messages, diagnoses system errors and remediates.
Fine tuning of SIEM solution to remove false positive. And conduct log analysis using LogRhythm.
Conduct proactive monitoring, investigation, and mitigation of security incidents.
Analyse security event data from the network (IDS, SIEM).
Patching and upgrading of SIEM platform and agents.
Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
Audit and prepare assessment report for existing SIEM platform.
Coordinate with SOC monitoring team on troubleshooting issues and highlighting it to L2 and L3 for further resolution and escalation.
Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
Research new and evolving threats and vulnerabilities with potential to impact the monitored environment.
Identify suspicious/malicious activities or codes.
Monitoring and analysis of security events to determine intrusion and malicious events.
Search firewall, email, web or DNS logs to identify and mitigate intrusion attempts.
Investigate malicious phishing emails, domains and IPs using Open Source tools and recommend proper blocking based on analysis.
Data archiving, backup and data purging as per need and compliance requirements.
Perform cyber security risk assessment of OT environment as per ISA/IEC 62443 standard.
Implements security controls, risk assessment framework, and program that align with regulatory requirements, ensuring documented and sustainable compliance that aligns and business objectives.
Evaluates risks and develop security standards, procedures, and controls to manage risks. Improves security positioning through process improvement, policy, automation, and the continuous evolution of capabilities.
Updates security controls and provides support to all stakeholders on security controls covering internal assessments, and regulations.
Performs and investigates internal and external information security risk and exception assessments. Assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test results, phishing, and social engineering tests and attacks.
Defines and documents business process responsibilities and ownership of the controls in the GRC tool. Schedules regular assessments and testing of effectiveness and efficiency of controls and creates GRC reports.
Documents and reports control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities.
Implement new security appliances such as Palo Alto and IDS tools such as Nozomi Guardian.
Responsible for scoping and planning IT internal audits.
Performs risk-based IT audits encompassing both technical and business process aspects.
Manage IT, audit staff, on audits to ensure on-time delivery of quality work.
ISO 27001 Gap assessment for external clients.
Supporting and advocating information security design and practices across the banks.
Participates in annual risk analysis of technology and operations segments to help develop the annual audit plan.
IT security audits on the different clients (e.g., network, operating system, and data center), including evaluating if security vulnerabilities are properly identified and mitigated. Coordinate the scope and performance of these reviews with business units and external security experts.
Performs general and application control reviews for simple and complex information systems.
Evaluate information general computing controls and provide value-added feedback. Test compliance with those controls.
Perform various other reviews of IT management policies and procedures such as change management, business continuity planning/ disaster recovery, and information security to ensure that controls surrounding these processes are adequate.
Configuring and handling Active directory on Server 2012. Working as IT coordinator with internal audit and security team. Configuring and handling Linux Mail Server. Configuring and handling DHCP Server 2012. Configuring and handling DNS Server 2012. Configuring and handling Exchange Server 2013. Installation, Configuration, and Administration of Symantec Antivirus. Installation and Handling VDI Citrix. Email Configuring and Handling. Software installation and troubleshooting.
Installing SQL server and configuration.
* Database user management.
* SQL Queries writing.
* CCTV Camera configuration.
* Configuring and handling DHCP Server 2008.
* Configuring and handling DNS Server 2008.
* Configuring and handling Active directory on Server 2008.
* Networking and LAN maintenance.
* Email Configuring and Handling.
* Software installation and troubleshooting.
* Hardware repair and maintenance.
* System Support to remote users and local users.
* VPN Management.
MCS
BSC
لقد تم حذف الرابط بسبب انتهاكه لسياسة الموقع. يرجى التواصل مع قسم الدعم لمزيد من المعلومات.