Sr. Information Security Engineer
NICE Systems
- Manila City, Metro Manila
- Permanent
- Full-time
- Work independently, applying in-depth knowledge and experience to deliver time-critical, customer-focused security monitoring services, advising and recommending on defensive strategies.
- Perform analysis (e.g. forensic analysis and malware reverse engineering) of complex and non-routine escalated security-related events, drawing on the expertise of other Analysts and external resources as required.
- Provide evidence of postmortem analysis of traffic flows, conduct network forensics, and perform follow-up analysis throughout the incident life cycle.
- Identify trends and tactics in the threatscape across the production and corporate infrastructure.
- Apply threat intelligence to build an awareness picture of emerging issues across the monitored environment within the CSOC.
- Evaluate threat capability gaps within the CSOC and make recommendations to higher Management.
- Help improve the overall security posture by gaining knowledge of the enterprise systems, and ensure the timely dissemination of security information to the appropriate stakeholders.
- Provide effective leadership to CSOC team members; directing and guiding work and providing mentorship of junior members of staff, acting as a local Subject Matter Expert.
- Complete projects and playbooks associated with security monitoring, detection, and incident response.
- Coordinate and organize onboarding of new Analysts, including system access, and training.
- Act as point of contact for projects, escalations, new updates and changes from stakeholders.
- Proactively contribute to CSOC strategy by refining processes and procedures; ensuring they align with customer and wider organizational requirements.
- Create and maintain cybersecurity policies, standards, processes, and procedures.
- Improve control structures for threat intelligence and create collaboration processes to identify and respond to information on threats and vulnerabilities.
- Build effective threat identification and assessment processes, including maintaining procedures for obtaining, monitoring, assessing, classifying severity, and responding to evolving threats and vulnerabilities.
- Initiate research and evaluate intelligence data - with specific emphasis on tactics, techniques, and procedures - focusing on threats facing NICE inContact computer resource systems.
- Deliver top-notch papers, presentations, recommendations, and findings for Enterprise Technology Leaders.
- Assume management tasks when/if needed to ensure operational continuity.
- Maintain the highest level of personal certification, integrity and objectivity, upholding the Company Code of Ethics and NICE inContact policies and procedures at all times.
- Certifications in security, contract analysis, or related field (one or more preferred):
  - CompTIA Security+
  - CompTIA Network+
  - CompTIA CySA+
  - Certified Ethical Hacker
  - Certified Cloud Security Professional
  - AWS Certified Security
  - Offensive Security Certified Professional
  - SANS Certified Intrusion Analyst (GCIA)
  - SANS Certified Incident Handler (GCIH)
- In-depth experience with offensive security/penetration testing skills and tools
- Advanced knowledge of digital forensic tradecraft and malware operations
- Working knowledge of native Amazon Web Services security services to deploy and manage security solutions.
- Strong understanding of data security controls to include encryption (at rest and processing), network authentication, network security architectures, and access control.