Infosec Engineer at Interswitch Group

Job Objective/Purpose

• Administers the Interswitch's day-to-day Security Operations Center (SOC) activities such as monitoring and reviewing security incidents, response, investigations and other activities related to security monitoring and response..

Primary Responsibilities

• Daily monitor security logs, events and incidents.
• Database activity monitoring
• Review incident alerts to determine relevancy and urgency. Create new trouble tickets for alerts (escalations) that signal an incident and require a higher Tier review.
• Assist in responding to security incidents.
• Assist in reviewing firewall configuration changes/activities.
• Review and analyzing email threats and providing incident reports.
• Identify risks and update the risk register.
• Collate monthly SOC reports and share with the information governance and stratety team.
• Monitor the health of all SOC tools, resolve/escalate any health issues.
• Manage the Network Access Control and monitor violations.
• Contribute to security policies/rules configurations

Minimum Requirements

• University Education: Bachelor's Degree
• A minimum of 1-3 years of experience in information security related function.
• Strong understanding of Information Technology industry, tools, standards, policies and protocols.
• Demonstrable experience of strategic and tactical thinking
• Ability to communicate complex concepts clearly, both verbally and in writing
• Ability to approach problems from an IT security perspective

Tools:

• SIEM: e.g. IBM QRadar
• DAM: e.g. Imperva
• NAC: e.g. Forescout
• EDR: e.g. Google GRR, Carbon Black Response, RSA Netwitness
• FIM: Carbon Black Protect
• Endpoint Security: e.g. TrendMicro ApexOne, Deep Security
• Web Security: e.g. TrendMicro IMSVA
• Email Security: TrendMicro SMEX, IMSVA
• Network Security: Forti Analyzer
• Microsoft Sysinternal Suite
• Threat intelligence: e.g. Virus total, IBM X-Force, AlienVault OTX
• Packet Inspection: TrendMicro DDI, QRadar QNI, TCPDump, WinDump, Wireshark
• Vulnerability Scanners: e.g. Nexpose (InsightVM), Nessus, Nmap/ZenMap, Qualys Guard,
• Professional Qualification(s): CompTIA Security+ (Added advantage)
• Experience (Number of relevant years):  1-3 years relevance experience.