Security Analyst GX Gateway (001206)
Key responsibilities of the position
- A member of the Security Operations team focus on Network, Platform, and Application security issues.
- Provide Support for the Security Information and Event Management (SIEM) System. Monitor alarm console and make determination on alarm severity, escalation, and response routing.
- Provide telephone, e-mail and ticket service to Incident Response process stakeholders.
- Maintain a Compliance/Vulnerability Assessment (VA) Scanning Capability. Follow a documented process for routine scanning of Inmarsat infrastructure and network elements. Conduct routine scanning of Inmarsat infrastructure and network elements.
- Maintain an Information Assurance Vulnerability Management (IAVM) and System Patching Process. Assist in maintaining an up to date Software Inventory configuration database. Interface with platform and network element administrators to maintain status of software versions and patching. Interface with platform and network element administrators to determine hardware/software inventories for Inmarsat infrastructure.
- Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
- Deliver first level investigation and remediation activities as a member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT.
- Conduct shift change reports on open cases and maintain case data in the Incident Response Management platform.
- The post will require rotating 24X7 shift work to include daytime, night time, and weekend work.
Essential Knowledge and Skills:
- Cyber security professional with 2-5 years of direct information security operations experience.
- University degree level education or equivalent in Computer Science / Data Communication.
- A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous.
- Intermediate knowledge of Information Security fundamentals, technologies, and design principals.
- Proven experience in securing Windows, Linux, Oracle and VM platforms.
- Proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents.
- Proven experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations.
- Willingness to learn new skills and be self-motivated.
- Ability to work in a team environment, to work under pressure and show flexibility.
- Excellent verbal and written communication skills in English.