About the Role
As a key member of the central Information Security Services team (“ISS”), the Cyber Defense Support Specialist will be at the forefront of our cybersecurity efforts, ensuring the integrity and security of our IT systems and networks. He/she will act as a dual specialist, providing a robust defense against cyber threats while maintaining optimal system performance. As part of the overall SOC team, he/she will collaborate with other cybersecurity professionals to proactively identify, mitigate, and respond to potential threats and vulnerabilities.
Responsibilities
- Oversee the day-to-day operation, maintenance, and optimization of the SOC's IT infrastructure, including servers, networks, and security tools. (T0042, T0498)
- Provide support for the selection, deployment, and ongoing management of security tools, ensuring they function effectively for threat detection and prevention. (T0029, T0420)
- Work closely with architects to ensure the SOC's infrastructure aligns with the designed architecture, maintaining scalability and efficiency. (T0348, T0501)
- Assist in the setup and maintenance of incident response infrastructure, enabling quick and effective response to security incidents. (T0180, T0507)
- Manage user accounts and access permissions, enforcing security controls and policies in collaboration with GSS teams. (T0144, T0438)
- Maintain comprehensive documentation, ensuring systems adhere to security policies, compliance standards, and regulatory requirements. (T0063, T0458)
- Participate in the evaluation of emerging security technologies and vendors to enhance the SOC's capabilities and resilience against evolving threats. (T0207, T0348)
Required Skills and Expertise
· Must have a deep understanding of computer networking concepts and protocols, and network security methodologies (K0001)
· Thorough knowledge of cyber threats and vulnerabilities (K0005)
· Knowledge of server/client operating systems and systems administration concepts (K0077, K0088)
· Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and working through resolution (S0124)
· Skill in operating system administration. This includes account maintenance, data backups, maintaining system performance, and installing and configuring new hardware/software (S0158)
· Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation) (A0123)
· Excellent communication skills (verbal, written, visualization and listening) in English.
Preferred Skills and Expertise
· Understanding of host/network access control mechanisms (e.g., access control list, capabilities lists) (K0033)
· Understanding of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth) (K0179)
· Familiarity with virtualization technologies and virtual machine development and maintenance (K0130)
· Skill in securing network communications (S0077)
· Skill in monitoring and optimizing system/server performance (S0155)
· Ability to develop, update, and/or maintain standard operating procedures (SOPs) (A0034)
· Education: Bachelor’s in computer science, cybersecurity, information technology, software engineering, information systems or computer engineering.