About the job
Experience & Skills
• 5+ years’ experience working in a large-scale IT environment with focus on Information Security, and knowledge of Operational Technology.
• 2+ years’ operating experience in industry leading SIEM products. Solid understanding of SIEM (Security Information and Event Management System) technology, architecture, locating sources and rule creation with commercial market leader Cyber Security products.
• 1-3 years previous Security Operations Centre Experience in conducting security engineering is a plus.
• Good knowledge of IT including multiple operating systems and system administration skills (Windows, Unix, Linux network platforms)
• Good Knowledge of OT systems and their potential risks and threats
• Good knowledge of client-server applications, multi-tier web applications, relational databases.
• Solid knowledge of security products such as Active Directory Auditing, Authentication, Firewalls, Intrusion Detection and Prevention Systems, and a variety of other related security technologies and host event logs.
• Strong understanding of Operating systems hardening.
• Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols.
• Scripting Experience (e.g. Python, Perl, and PowerShell)
• Certification in at least one industry leading SIEM product. Possession of Industry Certifications (SANS, GCIA, ICS2, (CEH), (CISSP), EC Council, and SIEM/ security tool equivalent technical certifications).
• Good understanding of Security frameworks and techniques.
• Good understanding of forensic tools and capabilities
• Bachelor degree in information security, computer science, or systems engineering