Job Requirements
Skills
Job description for IT Security Consultant - Ops at Xtremax Pte Ltd
We are looking for a highly motivated person specializing in IT security to help defend and protect Xtremax’s information, infrastructure and products. The Security Operations team is responsible for identifying, researching, prioritizing, and following up on vulneraiblities and risks identified in Xtremax’s infrastructure.
Responsibilities
- Security vulnerability and risk assessment of Xtremax systems, threat analysis to identify new and existing vulnerabilities and drive the remediation process.
- Review Security Hardening of the products and highlight deviations found from the approved hardening baselines
- Perform Vulnerability assessment of the environment using Nexpose/Nessus, review and prioiritize the results and followup on the remediation with the relevant team.
- Keep management updated on the remediation progress on VA.
- Provide regular patch management metrics and reports
- Perform assessment of patches released by product principals.
- Perform analysis of reported security incidents and drive it to closure, supporting the mission to protect
- Support a coordinated response to complex cyber-attacks that threaten assets, intellectual property, networks and computer systems
- Perform periodic and ad-hoc security audits such as log reviews, privileged user reviews etc. as per requirement.
- Help in the improvement of Security process.
- Presentation the progress and metric of the activities conducted to management and client.
Requirements
- Good understanding of Cloud environment and its common features.
- Experience in conducting Vulnerability Assessment using Nessus or Nexpose and in overall Vulnerability Management.
- Knowledge in performing security incident analysis.
- Experience in performing Configuration Review to review the security hardening of the products.
- Good communication and presentation skills
- Bachelor’s degree in Cyber Security, Computer science or relevant work experience
- Experience with at least on SIEM tool is a bonus
- Good understanding of General security best practices and process.
- Good understanding of Network protocol stack and common Networking protocols.
- Good understanding of Web application, network and system security.
- Candidates with Security certifications relevant to the position would be preferred. Relevant certs are (GCIH, CREST, Product specific Certs in Vulnerability Management) or any other certifications relevant to Incident handling, vulnerability management or overall security management from a reputed and well know certification provider.