Monitor and manage security infrastructure and tools in scope (e.g., AV, DLP, EDR, DAM, PKI, PAM, HSM, Vulnerability Scanner, SIEM)
Receive and respond to security incidents and events via established workflows and automation tools
Act as the escalation point for infrastructure-related incidents during office hours and provide standby/on-call support
Assist in analysis, containment, and remediation of security incidents
Prepare and maintain incident records, reports, and lessons learned documentation
Conduct regular vulnerability scans and assist with patching/remediation coordination
Maintain awareness of known threats and assist in threat hunting activities
Help maintain the security risk register and support identification of recurring issues or weak points
Generate and maintain standard operating procedures (SOPs), knowledge articles, and technical documentation
Support the development of regular service and incident reports
Assist in compliance reporting and audits
Engage with internal and client teams to understand business requirements and provide technical support
Maintain awareness of industry trends and security best practices
Participate in training to improve knowledge of tools and response processes
Requirements
Degree or diploma in Information Technology, Cybersecurity, or related field
1+ year experience in IT or security operations (internship, NOC, SOC, or IT support roles are acceptable)
Experience in working with or supporting some of the following:
- Trellix Endpoint Security (AV, DLP, HIPS)
- Carbon Black EDR
- Imperva DAM
- Microsoft PKI and Certificates
- CyberArk and RSA 2FA
- Tenable Nessus Security Center
- Luna HSM (Thales)
Familiarity with network and host security technologies (EDR, AV, HIPS, DLP, Firewalls)
Basic understanding of SIEM platforms (e.g., Splunk), PKI, and log correlation
A continuous learner who stays abreast of industry knowledge and technology
Understanding of information security principles, CIA triad, and risk assessment basics
Exposure to Windows and Linux environments
Ability to create basic documentation and reports
Willingness to take initiative and learn from senior engineers
Relevant certifications such as CompTIA Security+, CEH, or equivalent are a plus
Knowledge of Microsoft SC-900 / AZ-900 would be advantageous
Familiarity with security concepts, tools, or certifications (even entry-level) is a strong plus