Middle/Senior Security Engineer
Infopulse is inviting a talented professional to join our growing team as a Middle/Senior Security Engineer.
We are currently looking for a Security Operations Engineer to strengthen our Security Operations Centre (SOC), which reports to the BICS Security department headquartered in Brussels. As a member of that SOC, you will perform Security Operations in the broadest sense.
Join the team of our customer BICS – a global telecommunication enabler with a physical network stretching across the globe!
- Grow your expertise through interacting with A-level mobile carriers from all over the world;
- Get your hands on the vast network with on-land, transatlantic, and space points of presence;
- Join our decade-long partnership with BICS to ensure confidence in your future and long-term growth.
Infopulse-BICS team has been growing since 2010… and we are looking forward to growing with you!
Areas of Responsibility
As a member of the team:
- You will focus on corporate security awareness and training programs of various kinds.
- You manage security Incidents & Vulnerabilities using our SOC ticketing system.
- Ensure an adequate problem description for each reported issue
- Determine and assign the correct severity to events
- Ensure that incident tickets are accurate and actively follow up on status updates until remediation/ticket closure
- You will actively follow up and poll for status updates and progress until remediation/ticket closure
- Prepare a monthly report for Senior Management with details of notable security events
- Log and follow up on policy/risk exceptions and exemptions through their lifecycle
- Manage security certificates and ensure timely renewal
- Logging and tracking of temporary access or privileges
- Coordinate pentest activities by maintaining the calendar, recording consumed/available man-days and costs, and ensuring pentest reports are centralized and securely stored
- Initiate, follow up and register evidence of Quarterly User Access reviews
- Be actively involved in the vulnerability scanning process, its analysis, and the follow-up of remediation actions
- Initiate and coordinate Risk Assessment
- Explore our big data, analyse trends, identify and maintain meaningful KPIs and dashboards
- Scan for compliance against our policies and standards, log deviations and strive for remediation
- Develop and fine-tune existing security processes and procedures
- Apply automation where required and/or meaningful
- Act as a first-line contact point for various security consultations
You will have the opportunity to extend your knowledge, explore, learn and grow in projects like:
- Deployment and operations of a Security Information and Event Management (SIEM) environment.
- Integration of the SIEM tool with sources of security incidents – e.g. logs from servers and applications, IDS/IPS, network and security devices.
- Setting up and operating a Vulnerability Management system, Endpoint protection system, etc.
- Threat hunting activities using all available tools (SIEM, IDS, EDR, etc.)
- Actively detect and identify security vulnerabilities and weaknesses and determine the remediation plan
- At least 3 years of professional experience with IT and Network Security products and services.
- Passion for IT security tools, products and services, Network and Server Administration technologies
- Knowledge and experience with administration and hardening of Unix/Linux and/or Microsoft operating systems
- Knowledge of IT and Information Security principles, techniques and technologies
- Practical knowledge of security systems on the market (e.g., firewall, SSL/IPSec VPN, Proxy, Remote Access, PKI, ...)
- Sound knowledge of networking protocols and technologies (e.g., TCP/IP, Firewalls, NGFW, Routers, etc.)
- Application security and general information security knowledge (e.g., XSS, buffer overflow, URL tampering, SQL Injection, DDoS, Botnets, ...)
- Proficiency in written and spoken English
- Strong analytical and problem-solving skills
- Ability to manage multiple tasks and resources
- Good presentation and communication skills
- You are structured and keen to identify and implement improvements
- You have basic programming and/or scripting skills (automation)
- Flexible and open to fast changes, always willing to learn and improve
Will be an advantage
- Programming and scripting skills (Python, Bash, PowerShell, Perl)
- Experience with collaboration tools / ticketing systems (RT, Jira)
- Familiarity with telco technologies/protocols
- Experience with Endpoint Detection and Response Solutions
- Experience with Vulnerability scanners like Nessus, MVM, Qualys, etc.
- Experience with IDS/IPS solutions (Security Onion, Snort, Cisco IPS, NGIPS)
- IT Security Certifications like CISSP, CISM, CISA, CEH, GCIH, GCIA, OSCP, etc.
- Experience with SIEM and/or SOAR solutions
- University degree in Information Technology, ideally IT Security related