Job Title: Infrastructure Systems Security Administrator
Job Status: Full Time
Company Type:IT Services and IT Consulting
Reporting to: Service Delivery Manager
Infrastructure Systems Security Administrator will verse in threat modelling, threat hunting, and penetration testing. This position will also oversee Compliance testing & Vulnerability Management, Penetration testing, and Threat Management for all systems within the network
Roles and Responsibilities
• Provide management of the Enterprise antivirus, mailing system MS Exchange and
active directory and other enterprise windows systems used by CUSTOMER OPCO. However, if CUSTOMER OPCO decides to upgrade to higher version of any of its Microsoft Systems (MS Exchange, Active Directory, Skype for Business, Teams and SCCM) to any Windows solution or a combination of both during the contract period, service provider shall provide services for the new or upgraded solution.
• Broadly the service shall include administration of servers, monitoring performance, management of user account and mailboxes
• Manage Anti-Virus, Anti-spam and Malicious activity solution for both Servers and Workstations designed to keep the IT environment free from the viruss and other malicious PC threats
• Ensure client devices are running the latest approved software versions and releases at all times and continuous updates
• Follow CUSTOMERs Change control Procedure.
• Ensure no unauthorized activity on any node to prevent outages/frauds etc.
• Manage and resolve security incidents as per the agreed security incident management procedures.
• Provide user Identity Lifecycle Management, i.e., create, maintain, disable and delete user, etc. in line with CUSTOMER security policies and standards
• Security Incident and Events Management: Implement Log Retention to be determined by CUSTOMER
• policy and business requirements. SIEM tool will be managed by CUSTOMER Security Team
• Encryption: Implement encryption as requested by CUSTOMER encryption standards on supported devices
• Review and verify monthly or when requested, the system logon IDs for the vendor personnel and immediately delete the IDs of those individuals who no longer have a business need and/or are no longer authorized to access the system.
• Promptly inform the CUSTOMER of any security issues as the vendor become aware and recommend possible remedial actions.
• Provide inputs to all Operational teams on security measures.
• Identify the protection requirements for systems or infrastructure for which the vendor has security responsibility.
Qualification and Experience • A degree in computer science, IT, systems engineering, or related
• 4 years experience in vulnerability assessments and/or penetration testing including patching
• Relevant Certifications such as CISSP or CISSP-ISSMP,CEH
• 2 years combined solid experience in one of the major V.M Scanners (Qualys,
• Tennable, Rapid7)
• Experience and knowledge of PMP and other patch management tools
• Solid Knowledge of CVSS, OWASP Top 10
• Knowledge and experience integrating threat feeds into various systems
• Experience with scripting with any of the following: Python, Ruby, Shell, Bash,Perl
• Ability to adapt and work collaboratively