Cyber Safety And Security Engineer Hybrid Contract

Rosebank, Cape Town, South Africa

Job Description


Our client, a global tech firm, is seeking a Cyber Safety and Security Engineer to join their team in Rosebank (2 days onsite and 3 days work from home) on a contract basis. They offer stability, growth and a great working environment.

The Manager, Security Platform Engineering is a seasoned managerial role and forms part of the Global Cybersecurity Incident Response Team (CSIRT). The role is responsible for providing operational management and support to a team of CSIRT Security Platform Engineers who are accountable for detecting and monitoring escalated threats and suspicious activity affecting the technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments).

This role works closely with cross-functional teams and learns more about new security tools and technologies that are being onboarded. This role also learns more about the administration, monitoring and maintenance of the security tools and technologies.

The Manager, Security Platform Engineering is a people management role, accountable for fostering a collaborative and innovative team culture focused on achieving operational excellence.

Key Roles and Responsibilities:

  • Analyze information to identify security control and/or capability gaps that impact the organization's security posture
  • Provide advice and consultancy to internal customers on application and infrastructure threats and vulnerability remediation
  • Consume and prioritize vulnerability results; provide remediation guidance and help eliminate false positives.
  • Attend design and application architectural reviews and actively lead the discussions from a security standpoint
  • Create formal written documentation of findings and recommendations to address vulnerabilities; assist development teams with writing patches for discovered vulnerabilities; assist security, server management, desktop, private/public cloud and application development teams with identifying and remediating vulnerabilities
  • Enhance the current controls and oversight of the various compute environments (private/public cloud, IaaS, PaaS and SaaS), reviewing configuration and designs and documenting improvements when necessary.
  • Expand the use of automation in securing the environment and across multiple technology platforms.
  • Provide the interface between the local business unit and the global security team.
Knowledge, Skills and Attributes:
  • Strong analytical skills and cross functional knowledge across multiple security platforms and other infrastructure disciplines
  • Deep knowledge of Infrastructure security architectures, vulnerabilities and controls including Active Directory, Azure Active Directory, Cloud IaaS/PaaS and network implementations.
  • Deep knowledge of application security vulnerabilities, testing techniques, and the OWASP framework. Experience in using security tools across different facets of infrastructure and applications. (SIEM, EDR, Threat Hunting (scripting), Vulnerability Exploitation, IAM, PAM etc.)
  • Skilled in Security Penetration covering Microsoft Enterprise Environment (On-Premises and Cloud)
  • Skilled in the Microsoft Security Stack (Defender, Sentinel, Endpoint Management)
  • Skilled PowerShell & API Scripter (Python, C++, KQL will be advantageous)
  • Experience in penetration testing and/or simulating security events for controlled testing and validation of infrastructure and application environments
  • Be able to articulate vulnerabilities, defects, technical controls and risks to the business in a manner that can be easily understood.
  • Experience with security frameworks such as NIST and IEC 62443
  • Strong Investigation and Postmortem analysis skills with the expectation to discuss the root causes of an issue as they come up.
  • Solid project management skills.
  • Strong written and verbal communication skills. Good problem-solving skills.
Academic Qualifications and Certifications:
  • Degree or relevant qualification in IT/Computing
  • Relevant level of Networking certifications such as CCNA,
  • Relevant level of Security certifications
Required Experience:
  • Advanced experience in leading and managing Security teams
  • Advanced experience in security technologies such as firewall, IPS, IDS, proxy, etc.
  • Advanced experience in technical support to clients
  • Advanced experience in diagnosis and troubleshooting
  • Advanced experience providing remote support in Security Technologies
  • Advanced experience in SOC/CSIRT Operations
  • Advanced experience in handling security incidents end to end
  • Knowledge of networking, Linux and security concepts
  • Advanced experience in configuring/managing security controls such as Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, HoneyPots and other security tools
  • Knowledge of log collection mechanisms such as Syslog, log file, DB API
  • Knowledge of security architecture
  • Advanced experience in Security Engineering
Skills Summary:
  • Information Security Compliance
  • Information Security Engineering
  • Information Security Incident Management
  • Information Security Management
  • Information Security Operations
  • People Management

ExecutivePlacements.com

Job Detail

  • Job Id: JD1315031
  • Industry: Not mentioned
  • Total Positions: 1
  • Job Type: Full Time
  • Salary: Not mentioned
  • Employment Status: Permanent
  • Job Location: Rosebank, Cape Town, South Africa
  • Education: Not mentioned