L2 Security Engineer (Full Time / Central)

Responsibilities:

• Be the point of contact for HSA IT security matters for 24hrs x 7 days.
• Provide IT security consultancy and advisory to Agency.
• To assist agency to consolidate, track and report the status of security advisory received from GITSIR, CSA, NCSC etc.
• Follow up with respective Facilities Management Team on the implementation of the remediation against the security advisory received, IOC scanning and reporting, patching of the system and vulnerability for systems in HQ DC.
• Provide ad hoc, monthly report for Privilege Access Manager, Early Detection and Response solution, Database Activities Monitoring, log review, account review etc.
• Review of logs capture in the syslog server from all the systems in HSA HQ and GDC.
• Support HSA in the IT security audit, compliance audit, and security related matters.
• Work on quarterly Vulnerability scanning and remediation with ATFM and provide reporting and track the status.
• ITSO resources will be full time dedicated to HSA to support all related IT security requirement.
• ITSO shall work with IT security engineer to Conduct Quarterly or OnDemand VA Scan all system and follow up with IT Facility Management on the remediation to meet IM8 timeline.
• Share domain and technical expertise, providing technical mentorship and cross-training to other peers and team members.

Requirements:

• 5+ years IT security experience required.
• Experience with Networks, Servers (Windows and UNIX), Database.
• Experience in IT security auditing, security assessments.
• Understand protocols, traffic flows, ability to analyze logs from various sources.
• Knowledge of Active Directory, Endpoint protection solutions, Early Detection and Response solution, Database Activities Monitoring tools, SIEM etc.
• Excellent written and verbal communication, presentation skills.
• Proficiency in Microsoft Excel.
• Flexible, team player, “get-it-done” personality.
• Ability to organize and plan work independently.
• Ability to work in a rapidly changing environment.
• Ability to multi-task and context-switch effectively between different activities and teams
• CISSP, CISM, Security+, IT security tools certifications (Imperva, Carbon Black) is a plus.