Job Title: Cyber Intelligence Centre (CIC) Engineer
- Bachelor’s Degree or Higher National Diploma in Computer Science/Engineering or related course with a minimum of 2.1/Upper Credit
- At least one of the following certifications: CISSP, CISM, GCIH, GSEC, CCNA, CEH, CCNA (Security), CCNP, CCNP (Security) etc.
- Preferred vendor/product certifications such as ArcSight ESM Administrator, Splunk Architect etc.
- Total Experience Required: 6-8 years.
- Minimum of 3 years’ security experience, with emphasis on security operations, incident management, intrusion detection, security analytics and security tool deployment.
- Experience with intelligence analysis processes, including Open Source Intelligence (OSINT) and closed source intelligence gathering, source verification, data fusion, link analysis, and threat actor.
- Ability to research and characterize security threats to include identification and classification of threat indicators.
- Prior experience working in a Security Operations Centre (SOC) or Computer Emergency Response Team (CERT/CIRT).
- Experience with security technologies including:
  - Security information and event management tools such as ArcSight, QRadar, Splunk etc.
  - Data leakage prevention.
  - Privileged access management.
  - Antivirus or end-point security.
  - Vulnerability scanning.
  - Database access monitoring.
  - Next-gen firewalls.
  - Host and network intrusion detection/prevention systems.
  - Network access control.
  - File integrity monitoring.
  - Identity and access management.
- Proficient in incident management and response.
- An understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security.
- Knowledge of various operating systems including but not limited to Windows, Linux/Unix.
- Understanding of security vulnerabilities in common operating systems, network devices and web applications, including knowledge of remediation procedures.
- Ability to troubleshoot and configure networking devices, various platforms and databases.
- Expertise in TCP/IP network traffic and event log analysis using regular expressions.
- Proficient in preparation of reports, dashboards and documentation.
- Ability to work in a very fast-paced and high-pressure environment.
- Appropriate level of judgement and decision making.
- Ability to handle confidential matters, with a high level of personal integrity.
- Excellent communication and leadership skills.
- Working knowledge of and experience with MS Office.
- Knowledge of ITIL disciplines such as Incident, Problem and Change Management.
- Able to work under pressure in time-critical situations.