- Track and action assigned alerts, and ensure proper response is taken by coordinating the work efforts of internal teams and actions required of external service providers.
- Review and carry out analysis on email messages, such as phishing and spam reports. Ensure correct categorization and action. As required, communicate with users to investigate and provide feedback. Contact service providers as necessary for further remediation/actions.
- Conduct access control reviews of systems on a case-by-case basis, and work with internal and external resources to update user control lists and provide reports.
- Support internal/external Audit processes, working in collaboration with the Cyber Office.
- Evaluate and approve/reject exemption requests as per corporate policy and standards. Provide guidance and information as to the risks involved with specific exemptions.
- Monitor threat feeds and provide regular threat intelligence updates.
- Maintain the vulnerability security digest and provide updates to relevant parties within New Horizon System Solutions (NHSS).
- Assist in remediation tasks related to audits/penetration tests.
- Assist in governance of security tools and configurations. As assigned, work with internal and external teams to maintain and update tool configuration and usage.
- Carry out quarterly firewall rule reviews and identify misconfigurations, insecure protocols and overly permissive rules. Work with the network team and business to evaluate impact of remediation and mitigate risks.
- Participate in internal and external table-top exercises related to cybersecurity.
- Govern and/or manage tools such as Data Loss Prevention (DLP), CyberArk Endpoint Privilege Management (EPM), etc.
- Support development of procedures for Cyber Operations.
- Assist, as required, during Incident Response and Recovery activities.
- As assigned, represent NHSS IT Security in sessions for internal policy/projects and/or general updates for Security, e.g. interface committee to explain the need for changes, based on feedback provided by users. Participate in external workshops with industry peers, representing and sharing operational issues/trends, etc.
- Apply understanding of environment and operational issues to work with external or internal parties to implement or optimize specific use cases which help improve detection and response.
- Perform other duties as required.
- 4-year Bachelor's/University degree in Computer Science, Information Technology or related field.
- Requires knowledge of computer sciences, including cybersecurity monitoring and reporting applications and technologies, to work effectively with cybersecurity operations to investigate threats, such as reviewing and action tracking phishing and spam events, and closing out real-time alerts using security tools, as well as providing support to the Cyber team and other stakeholders.
- Requires good communication skills, both oral and written, to prepare reports and communicate effectively with others.
- Minimum of 4 years of practical cybersecurity experience, using security tools and applications, including cloud environments, such as Microsoft 365 suite of Security tools, McAfee and the like, to have gained a familiarity with monitoring and actioning alerts.
- Requires experience to have acquired a working knowledge of phishing emails to analyze and categorize them.
- Be able to assess the operation and function of applicable management systems, networks and applications, internal and external contacts and resources, including procedures, standards and policies, and changes in technology to facilitate the work function.