The Network & Security Analyst (Tier 2) will participate at the second level of the event handling process at the Jolera Network and Security Operations Center.
The role is responsible for further investigation of network and security incidents and for providing adequate support for the previous layer (Tier 1).
This position is key to delivering best-in-class resolutions for our customers, and the incumbent will demonstrate confidence and appropriate communication skills, both verbally and electronically.
The professional must be able to handle multiple tasks with appropriate priority to ensure that events are handled on time and that all customers receive a consistent level of customer service.
All CVs must be received in English.
What You'll Do:
Receive and respond to incidents in accordance with each client’s Service Level Agreement (SLA).
Process service tickets and assign to appropriate Jolera onsite technicians, or customer-specific internal service resources, as necessary.
Provide ticket updates and feedback throughout the life of the support incident.
Help maintain continuous improvement of our Incident Response program.
Perform analysis of security threats and network issues.
Review logs / events from IDPS, SIEM, WAF, NG Firewall, Web Proxy and other IT related tools.
Identify and look for Indicators of Compromise within the managed environments.
Escalate high-profile issues in a timely manner using a well-defined process for appropriate handling and resolution.
Monitor all IT assets and proactively support Tier 1 technicians on incident handling and resolution when necessary.
Develop knowledge of multiple systems and processes in order to troubleshoot problems.
Perform patch management activities in accordance with the predefined process and time window, keeping Tier 1 technicians informed about the progress.
React to onsite outage scenarios as necessary or as assigned by the IT Service Management, following all defined processes and quality standards.
Identify affected assets related to network and security events and incidents.
Evaluate running and terminated processes related to network and security events and incidents.
Craft and deploy mitigation and eradication strategies for network and security incidents.
Be part of the on-call team responsible for detecting and responding to cybersecurity incidents.
Who You Are:
2-3 years of previous support experience working in a technology / systems department directly supporting customers.
Current industry relevant certifications (Microsoft, Cisco, LPI, VMware, Citrix, CompTIA, EXIN, ISACA, ISC2, Offensive Security, etc.) would be an asset.
Good understanding of IT fundamentals across networking, system, and application layers, including knowledge of hardware, software, networks, and data centers.
Good knowledge of common client-side productivity application suites (Microsoft Office Suite, Outlook Exchange environments, Office 365, etc.).
Good working knowledge of server-side applications, technologies and communication models, namely Mail Server, Proxy, DNS, Virtualization, VPN, Firewall, OSI Model, DMZ, Honeypot, Directory Services, WSUS.
Knowledge of public cloud solutions (Azure, AWS, Google Cloud) is required.
Understanding of the incident response lifecycle at both the technical and procedural levels is required.
Experience performing incident response on at least two of the following technologies and solutions is required: Barracuda, Fortinet, McAfee, Cisco, Veeam Backup & Replication.
Familiarity with SecDevOps; knowledge of scripting and automation (PowerShell, Shell Scripting, Python, etc.) is desired.
Understanding of the vulnerability management process. Practical knowledge of vulnerability testing and the ability to define mitigation actions.
Fluent in English.
Good interpersonal, communication and collaboration skills.
Organizational and planning skills.
Multitasking, prioritization and critical thinking skills.
Willingness to learn new skills (including self-learning) and be highly self-motivated.