Primary Purpose

To provide Operational Support for the management of the IT Cyber security systems, components, and processes which proactively protect the confidentially, integrity and availability of corporate business Information.

Roles and Responsibilities:
1. Security Operations

• Investigate security alerts from various systems.
• Triage alerts using open-source intelligence, business context, and other alerting information.
• Understand operational procedures and know when to escalate or respond to an alert.
• Create and provide operational reports to management such as number of alerts seen and detected, security awareness statistics, endpoint patching coverage and other common security reports.

2. Incident Response

• Take steps to contain an incident in an appropriate way for the type of incident.
• Create, maintain, and follow incident response policies, plans and procedures when dealing with an incident.

3. Assist in performing security audits.

• Understanding and knowledge about best security practice to know what controls need to be in place when performing audits on various computer systems and processes.
• Identify areas of weaknesses either derived from audits or where new audits are needed, documenting them and acting upon them for future audits.

4. Security Awareness and Education Program Support and Maintenance

• Maintain the security awareness program which includes conducting phishing simulations, producing reports, identifying areas of improvement, and performing one-on-ones trainings where necessary.
• Conduct research into best ways to improve security awareness for end users.

5. Security Controls maintenance.

• Ensure the correct breadth and depth of security controls are in place to reduce the risk of cyber-attack.
• Understand how to perform risk assessments, working up to performing them once competent.
• Reaching to vendors ensuing controls are performing as desired and correct configurations are in place.