Cybersecurity Administrator

About The Position

Requirements

• Degree in computing & information technology
• 5+ years of direct front line security related support
• One or more of the following certifications:
• CompTIA Security+
• Microsoft Certified Systems Administrator: Security
• CISSP: Certified Information Systems Security Professional
• CISM: Certified Information Security Manager
• Excellent written and verbal English communication skills
• Broad hands-on knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices
• Strong knowledge of TCP/IP, computer networking, routing and switching
• Strong knowledge of network protocols and packet analysis tools
• Strong knowledge in threat hunting from any source like Next-Gen SIEM,XDR, EDR, CSPM and Email, efficiently finding the unknown, spanning metrics, event logs and traces
• Strong knowledge in AWS and Azure cloud networks
• Knowledge of applicable practices and laws relating to data privacy and protection
• Strong team player and positive contributor
• Well-developed analytical, problem-solving, and decision-making skills
• Able to consistently live our values of being valued, effective and trusted
• A strong customer experience focus
• A passion for continuous learning and professional achievement
• Successful completion of a criminal record check
• Must be able to work flexible hours and be available on call for 24x7coverage

Responsibilities

• Support enforcement of current policies, procedures and associated plans for system security administration and user access, based on industry-standard best practices.
• Assist in implementation of disaster recovery plans for operating systems, databases, networks, servers, and software applications.
• Assess the need for any security reconfigurations (minor or significant) and execute them if required.
• Assist in threat risk assessments to identify technology and business risks for current and future projects.
• Plan and perform simulated threat hunting and incident handling exercises to assess incident readiness and identify gaps in Incident Response policies of the organization.
• Assist IT in securing internal and external network configuration, remote access configuration, domain administration and secure data transfer.
• Support in administering and delivering security training to educate users on new security threats based on their job responsibilities via various phishing and training campaigns.
• Keep current and inform leadership on current and emerging security threats.
• Conduct research and advise senior leadership on security products, services, protocols and standards in support of security enhancement and development efforts.
• Manage Crowdstrike EDR to identify endpoint, cloud and identity security alerts for possible breaches, working closely with IT Helpdesk when necessary.
• Oversee daily requests to release held emails by Darktrace Email Security and Microsoft 365 Defender investigating root cause before releasing messages to users.
• Monitor Darktrace Email Security for any harmful messages that were not held, updating its dynamic detection models, improving security.
• Manage Imperva Web Application Firewall (WAF) and identify security alerts for possible breaches
• Provide coordination and oversight of client security requests, audits and problem tickets from internal teams.
• Audit and recommend security enhancements to firewalls, intrusion detection systems, cryptography systems, and other security appliances.
• Maintain and present monthly security metrics to management
• Ensure information and technology infrastructure meets established compliance regulations such as PCI, HIPAA, SOC, ISO, NIST,CIS, OWASP Top 10.
• Audit web and mobile applications, organization databases for security risks and vulnerabilities and recommend countermeasures to ensure the security of critical data.
• Design, perform, and execute vulnerability assessments, penetration testing and security audits.
• Create and deploy end user security awareness training using KnowBe4.
• Deploy IT and Security policies using KnowBe4.
• Create and deploy end user Phish test campaigns.
• Actively monitor, configure and respond to Phish alert emails.
• Design, implement, and report on security system and end user activity audits.
• Monitor and review logs, dashboards and reports for: servers, firewall, intrusion detection, network traffic & devices, workstations and user access.
• Recommend, schedule (where appropriate), and apply fixes, security patches, disaster recovery procedures, and any other measures required in a security breach.
• Download and test new security software and/or technologies.
• Participate in investigations into problematic activity.
• Provide on-call security support to end-users.
• Achieve performance targets.
• Collaborate and communicate effectively with team members and all other teams.
• Responsively and effectively handle issues.
• Look for ways to improve customer experience.
• Promote and model TuGo culture, values, and brand promise.
• Continuously build professional and technical expertise.
• Other duties as required.