Analyst, Security Monitoring at IHS Towers

Job Description

• We are currently recruiting for an Analyst, Security Monitoring who will contribute to overall reduction of information security (IS)-related incidents and compliance to statutory / international / organization specific standards by coordinating internal and third-party resources for continuous monitoring and identification of threats to end-user applications, networks, systems, and other access routes to other assets (including prevention/ detection, email/ spam filtering, web filtering etc).

Key Roles & Responsibilities

• Ensure intelligent reporting and fine-tuning of Security Information and Event Management (SIEM) solution, File Integrity Monitor (FIM), Network Access Control (NAC), Database Activity Monitor (DAM), Endpoint Security Solution (Antivirus), Privilege Access/Identity Manger (PAM/PIM), Firewalls and Security Operations Centre (SOC) rules.
• Identify and ensure that sufficient trails are maintained, retained and retrievable for forensic analysis and investigation on security solutions and applications monitored.
• Identify and Implement required logging policies across different layers of systems and across enterprise platforms monitored.
• Identify intelligent alerting to be created on security solutions, based on risk scenarios.
• Implement and manage log retention policy across multiple platform and systems.
• Review logs/ alerts (closed-opened) and reports of all in-place security and infrastructural devices.
• Perform ad-hoc and designated security and compliance reporting.
• Track security alerts and events and log same on ticketing solution.
• Network with other internal organizations to ensure coordination of compliance efforts.
• Participate in the creation and review of enterprise security policies, standards, and baselines.
• Provide support for the monitoring team as well as security incident and events management solution logging requirements and integration.
• Keep abreast of new/revised or improved security solutions, processes and development of new threats and attack vectors.
• Keep abreast of SOX regulatory standards.
• Participate in the deployment of tested security patches and updates.
• Conduct security tool selection, pilot, and implementation.
• Ensure intelligent monitoring and reporting on SOX applications.
• Identify, investigate, and resolve security breaches detected by installed security solutions.
• Make suggestions to implement projects that increase security and ensure the highest quality of service and security monitoring.
• Perform other functions as assigned by the line manager or unit head.

Experience & Qualifications Required

• Bachelor's and / or Advanced Degree in Computer Science or any related discipline.
• +2 years’ relevant experience in Information Security or any Information Risk/Control/Audit role, with at least 1 year in security monitoring and solutions deployment.
• Experienced in monitoring and correlating incidents and events noted from disparate security solutions.
• Knowledge of SOX security monitoring requirements and reporting.
• Demonstrate knowledge in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
• Demonstrate knowledge with network security and networking technologies as well with systems, security, and network monitoring tools.
• Demonstrate knowledge with web-related technologies (web applications, web services, service-oriented architectures), and network/ web-related protocols.
• Demonstrate knowledge of security monitoring frameworks or standards.
• Understand the latest security principles, techniques, and protocols.
• Problem solving skills and ability to work under pressure

Organizational Competencies:

• Be Bold
• Customer Focus
• Innovation
• Integrity

Functional Competencies:

• IT Operations
• Incident Management
• Security Assessments
• Security Monitoring & Reporting
• Log Analysis and Correlation.
• Continuity & Disaster Recovery
• Business Communication
• Security Solutions Deployment
• Vulnerability Lifecycle Management

Behavioural Competencies:

• Collaboration & Teamwork