I'm working on an IT Security Tooling Engineer opportunity focusing on spearheading the operation and maintenance of various security tools and systems to protect information assets globally.
The client is looking for a tooling expert who is able to maintain and manage tools and vendors and to decide which tools work best for the company. Other areas of focus include maintenance of IT Security Infrastructure, analyzing security alerts and incidents, triaging and investigating security breaches, and developing security policies and procedures.
Responsibilities Include:
- Manage the day-to-day operations of IT security tools, including firewalls, IDS, EDR, SWG, DLP, and other security-related technologies.
- Monitor the performance and health of security tools, proactively identifying and resolving any issues or anomalies to ensure their continuous functionality.
- Conduct regular maintenance activities, such as updates, patches, and upgrades, on security tools to ensure they are up to date with the latest security patches and enhancements.
- Collaborate with the IT and security teams to define and implement security tool configurations, policies and rules.
- Perform routine audits and assessments of security tools to verify their compliance with regulatory standards and internal policies.
- Evaluate and select new security tools and technologies, conducting proof-of-concept testing and providing recommendations.
- Participate in the implementation of new security tools, and troubleshoot and resolve technical issues related to security tools, working closely with vendors and internal stakeholders.
- Develop and maintain security documentation, including policies, procedures, and guidelines to facilitate the effective use and support of security tools.
- Review security logs and reports to identify patterns or anomalies that may indicate a security breach.
- Respond to security incidents and resolve them in a timely manner.
Qualifications:
- Bachelor's degree in Computer Science, Cyber Security, or related field.
- At least 7 years of experience working in a cyber security role.
- Expertise in IT security operations, with a focus on security tools administration and maintenance.
- Strong understanding of security tools, technologies, and industry best practices, including SIEM, IDS/IPS, antivirus, vulnerability scanners, and related tools.
- Expertise in performing maintenance tasks on security tools, such as updates, patches, and upgrades.
- Excellent troubleshooting and problem-solving skills, with the ability to identify and resolve technical issues related to security tools.
- Expertise with network and system security concepts and technologies, Windows and Linux system security, application security, etc.
- Relevant certifications, such as CISSP, CISA, or CIW, are preferred.
- Programming ability and pentest ability are preferred.