- Highly motivated IT security professional with broad knowledge of evaluating, designing, implementing and supporting security solutions for IT systems seeks a position in the InfoSec field with a renowned organization.
- Symantec Endpoint Protection suite (SEP).
- Microsoft Technologies - Windows, BitLocker, AD, Microsoft Office suite.
- CrowdStrike Falcon, McAfee’s ePO, VirusScan Enterprise (VSE) and HIPS
- Investigation of malware activities and malware removal using Sysinternals suite tools.
- Initial malware analysis and basic forensics review of logs, browsing history, prefetch, MFT.
- TCP/IP, networking, cryptography, firewalls.
- Ticketing tools (HPSM, Remedy).
- Penetration testing process and tools (Nmap, Nessus etc.).
- Vulnerability and risk management.
- ITIL framework processes.
- Easy-going person who prefers to establish rapport with all parties.
- Prioritization of tasks amid changing environments, data and requirements.
- Very good time management skills developed through the need for timely resolution of issues affecting customers.
- Very good coordination/PM skills gained during project planning and successful implementation for several customers (including a client with 100k+ endpoints) and from the need to schedule and coordinate the activities between different teams (Wintel, Database, WPS etc.).
- Working under pressure during multiple high-priority and high-visibility issues which had to be solved in a timely manner to restore service functionality.
Endpoint Security Infrastructure Engineer
- Design, implement and document the Symantec Endpoint Protection solution in corporate environments according to the specific enterprise architecture and compliance requirements.
- Root cause analysis in the Problem Management lifecycle.
- Involvement in TAB meetings to determine impact or provide feedback on changes affecting the customer's
- Management of Confidential's CIs in conjunction with the environment changes.
- Responsibility for the overall Incident, Problem and Change management quality of the supported clients.
- Technical consultation to the account, capability support and technology teams.
- Trained, guided and prepared documentation for the lower levels of support and service desk teams in the form of procedures and guidelines to improve the overall quality of the service and the incident resolution time.
- Ongoing support activities in accordance with the SLAs and defined timelines.
- Ensured systems security within the production acceptance process.
- Collaboration with other internal and external support teams, vendors, CCLs, Account teams, Shift Managers etc. when involved in resolving high priority issues.
- Investigate incidents generated by the EPS team’s proprietary SIEM solution which correlated SEP suite logs (Antivirus, HIPS, Firewall, Application and Device control, SONAR and Download Insight) and respond with the appropriate action to prevent virus outbreaks, data loss and potential disruption of business activities.
- Provide support and technical assistance for the MS BitLocker and Check Point Pointsec FDE and RME encryption solutions for the supported clients.
- Created and modified security procedures and processes to ensure continual service improvement and client satisfaction.
- Ensured ongoing compliance with legal and regulatory security requirements and security policies.
- Achieved 100% AV software and definition distribution compliance of the servers in the supported clients within several months.
- Improved network performance by introducing local distribution points for sites with slow WAN connectivity, thus eliminating any productivity impediments caused by AV definition updates.
Security Operations Support Engineer
- Take ownership of any assigned incidents; prioritize, investigate, diagnose and define an action plan to restore service stability as soon as possible.
- Collaborate with higher levels of support when facing major issues.
- Communicate with customers following the specific processes and procedures.
- Initiate a Problem Record when facing recurring incidents which appear to have a common root cause.
- Build strong working relationships with TTL, Account team and technology teams.
- Comply with the specific SLA standards for the clients.
- Proactively anticipate possible situations which may impact service stability.
- Provide technical consultation to the interested parties during escalations.
- Escalate issues to the Infrastructure engineer if deeper level troubleshooting is required.
- Preparation of technical documentation and reports upon request.
- Collecting samples of undetected malware.
- Provide guidance and assistance during the job orientation period for newly hired colleagues.