Professional, Information Security-PHL

L2 Professional

Do not edit

Global Level Description
Established and productive professional individual contributor. Works independently with general supervision. Problems faced are difficult and may be complex. May influence others within the job area through explanation of facts, policies and practices.

Complexity and Contribution

Works on moderate to complex projects. Uses company standard policies and procedures to resolve a variety of issues.

Independence
Exercises judgment within defined procedures and practices to determine appropriate action. Receives moderate level of guidance. Work is reviewed for soundness of judgment and overall accuracy.

Minimum skills and Experience
General proficiency with various tools, systems, and procedures required to accomplish the job. May need to consult with Senior/Specialist staff members on some technical issues. A four year college degree (or additional experience in a related field) and 3 years functional experience including a minimum 1 year position specific experience.

JOB FAMILY SUMMARY

HRBP: Insert Job Family Summary from Job Catalog Guide

Design, install, manage, and implement business plans, policies and procedures to maintain systems, network, database and/or Web security; develop, implement, and maintain information security, including access management, vulnerability assessments, penetration testing, infrastructure, and regulatory compliance; responsible for reporting, investigation, and resolution of data security incidents; analyze business needs and oversee security architecture, administration, and policy planning to lessen possibility of security breach; recommend enhancements to plug potential security gaps. Prevent IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to an organization's information systems and IT assets and intellectual property including: Designing, testing, and implementing secure operating systems, networks, and databases; Password auditing, network based and Web application based vulnerability scanning, virus management, and intrusion detection; Conducting risk audits and assessments, providing recommendations for application design. Monitoring and analyzing system access logs; Planning for security backup. Provide guidance and direction on best practices for the protection of information; ensure compliance with regulations and privacy laws. May oversee internal or external systems security (e.g., cloud services).

SPECIFIC JOB SUMMARY DESCRIPTION

Position Summary

The IS Security Operations Analyst is accountable for executing global and regional day to day security operations tasks which include but not limited to incident response, security breach, DNS request management, review of firewall change request, administration of network and/or endpoint security technologies, SIEM tools administration and change management.

The Security Operations Analyst will ensure operating environments are maintained to optimal performance and meet defined SLAs. Key success criteria in this position: in-depth understanding of global security best practices, good understanding of technologies such as host base AV, next generation firewalls, advance threat protection, intrusion detection/prevention systems, security tools architecture, Windows and Linux administration. This role will implement best practices, operational discipline and integrate appropriate changes as business needs require.

Key Responsibilities

• The security operation analyst will be responsible in managing and administering our endpoint and network security tools. Ensure that the tools are in best working condition as well up-to-date for lifecycle management.
• Periodic firewall rules review and assess risk on new firewall change request submitted by the business.
• Processing DNS change requests to our registrar.
• Assist the IR team to execute incident response process and procedures to remediate threats.
• Review and remediate escalated incidents from our SOC team in a timely manner.
• Work closely with internal teams (Network, Windows, Linux, Regional IT) to continuously improve our security posture in the environment.
• Tune and implement configuration changes to security controls as necessary.
• Stay up-to-date on information technology trends and security standards.
• Assist and work with the Engineering team in executing global security projects/initiatives.
• Provide 24/7 security operations support to the business.

 Job Qualifications and Educational Requirements

•          A Bachelor’s degree in Computer Science, Engineering, or related Science and Math discipline with an Information system emphasis or equivalent experience.

•          Ability to adapt in a complex environment, loves challenges, with the will and drive to learn new things on your own.

•          4 + years of experience in related field with at least 2 years in enterprise security. Good understanding of cloud security (Azure, 0365, AWS, GCP etc.) is desirable.

•          Endpoint Security Management (Administration, Deployment, Operations) for security tools.

•          Security Information and Event Management (SIEM) management experience is a plus.

•          Hands on experience of NextGen Firewalls administration and best practice.

•          Deep technical knowledge in IT technologies, operating systems, networking, database and global business experience.

•          Deep understanding of security risks and threats as they relate to the company’s operating environments.

•          Has exposure in creating technical documentation for security tools and procedures.

•          Monitors the internal control systems to ensure that appropriate access levels are maintained.

•          Demonstrate high competency working under pressure and executing multiple global projects at the same time.

•          Strong enterprise security understanding.

•          Understanding of ITIL and its practical application is nice to have.

•          Demonstrated competency in managing third party providers in IS operations.

•          Strong written and verbal communication skills to effectively interact with internal and external partners on all levels to resolve technical and business level discussions on security matters and provide solutions in a timely manner.