Job Description
Infrastructure Security L3 Expand technical depth of evidence, documentation, artifacts, or investigations carried out by Tier 1 which are: Monitor, analyze, and triage cyber security alerts. Take ownership of in scope cyber incident investigations (unless escalated to Tier 2 or Company in accordance with defined processes). Create, manage, and follow up on service tickets. Assist TENET with guiding the appropriate remediation steps for cyber events via email, conference calls, phone calls, and instant messaging. Design, create, and update documentation as directed by Company. Research and analyze threat intelligence and indicators of compromise (IOC). Identify security technology deficiencies and manage remediation. Must have Good knowledge and experience of Palo Alto, Checkpoint - Good knowledge and understanding of Palo Alto Panorama Good knowledge and understanding of Checkpoint security management appliances Optional: knowledge and experience of open-source firewalls such as OPNsense, PFsense Good understanding and experience of managing multi-factor authentication Good knowledge and experience of firewall management tools (Algosec, Tufin ) Good knowledge or experience of firewall rules review / remediation-based projects Understanding of automation in general, any experience or involvement regarding firewall policy change automation will be advantageous Analyze emails for phishing or malicious content. Retrieve and analyze host / endpoint and network artifacts. Generate reports, graphs, summaries, metrics, dashboards, and other operational supportive documentation. Set up, configure, and support network Security Infrastructure with a focus on the management of our firewall domain i.e Checkpoint, Palo Alto, Panorama, Review, implement and enhance our network Security environment. Assist with maintaining current documentation of related corporate network implementation. Involvement in troubleshoot network security systems. Provide network project support to other teams with the implementation of enterprise and operational service upgrades and new initiatives. Be involved in Infrastructure and Business projects by delivering the required infrastructure (and related documentation). Perform vulnerability assessment, validation & upgrade on the Network Security Systems. Maintain process like Configuration Management and Monitoring of the infrastructure. Optimize our current network implementation and introduce automation services in our environment Integrate Watch-Duty role and support Week-End interventions Collect and analyze full packet captures. Review and interpret firewall logs. Collect and analyse memory from endpoint systems. Design, create, and implement automation scripts provided by Company. Design IOCs and alert correlations. Awareness of recent threat intelligence and zero day attacks in the industry.Soft Skills: Microsoft Office (Advanced) Ticketing System (Advanced) Documentation (Advanced) Problem Solving (Advanced) Cyber Kill Chain (Advanced) Operational Procedures (Advanced) Cyber Incident Response (Advanced)Technical Skills: Network Security (IDS, Firewalls(Checkpoint/Palo Alto), Web Proxy(McAfee) (Advanced Malware Analysis (Advanced) Email Security - Proofpoint (TRAP, TAP, Email DLP, Fraud Defense, DKIM/DMARC, email quarantine manager). (Advanced) RAVPN (Cisco Any connect/Global Protect) (Advanced) Network Security Appliances (NAC) CISCO ISE / Forescout (Advanced) WAF ( Prisma Cloud) (Advanced) Vulnerability Management - Rapid 7 Nexpose (Advanced) McAfee Encryption- (Advanced) Threat Intelligence (Intermediate) Log Analysis (Advanced) PKI (Thales Luna v6 HSM s) (1.) To clearly unders
