Role Proficiency:
Provide support across SIEM or EDR technologies for global customers and ensure that the platforms are functioning as expected. Conduct checks and perform basic triage for global customers under minimal supervision and guidance of senior team members.
Outcomes:
• Conduct health checks for single or multiple platform types following guidance. Escalate issues observed and forward them to a senior team member for review, to ensure proper visibility of issues before they become incidents.
• Where appropriate, assist with service requests for platform types (such as access requests) to ensure optimal delivery for internal and external stakeholders.
• Participate in maintenance activities to improve understanding of the architecture of the platforms supported and to build proficiency in the supported toolsets.
• Develop skills around the cyber security methodologies and requirements for the various platform technologies being supported, providing efficient customer service.
• Follow relevant in-life processes, tracking any escalation pipelines and pathways required to ensure consistency of the service provided to the customer.
Measures of Outcomes:
• Percent of adherence to processes and methodologies
  a. Percent of adherence to SLAs for in-life ticketing processes
  b. Percent of adherence to workflows and the completeness of audit trails for any activities
• Productivity score maintained
  a. Number of issues identified early to pinpoint problems with delivering tasks or workload
  b. Number of issues with effective evidence provided for escalations during triage
• Number of relevant skill-related training and development activities undertaken, evidenced by certification
Outputs Expected:
Platform Health Monitoring:
• Support service requests and first-level incident support
• Proactive identification of issues, with behavioural analysis/patterns identified
• Conduct daily and regularly occurring service tasks with minimal supervision to ensure daily operation of the platform supported
Customer Focus:
Skill Examples:
• Good communication skills
• Ability to work as part of a team
• Ability to understand basic computing technologies
• Aptitude in working with one or multiple SIEM or EDR technologies
• Capable of working as part of a shift
• Ability to work with querying data and an understanding of the role of a SIEM/EDR
• Ability to demonstrate analytical skills working across multiple technologies and customers
Knowledge Examples:
• Knowledge of Security Operations and Incident Management
• Knowledge of IT infrastructure and basic networking concepts
• Knowledge of a query language / regular expressions
• Understanding of ISMS
• Desirable: certifications in IT infrastructure / SIEM / EDR / Ethical Hacking
Additional Comments:
CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter, and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively. CyberProof is part of the UST family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.
Roles and Responsibilities:
• Monitor Nozomi s
• Maintain, configure and fix the Nozomi client
• Fix any connection issues
• Analyse s and bring in best practice
• Understand customer requirements and recommend best practices related to the Nozomi solution
• Offer consultative advice on security principles and best practices related to Nozomi operations
• Develop new use cases, rules, correlations and dashboards to meet customer needs
• Design and document architectures to meet customer requirements
• Deploy and configure Nozomi platforms as per vendor guidelines and industry best practices
• Assist the client with technical guidance to configure in-scope end log sources to be logged to the Nozomi platform
• Document the build of the Nozomi solution
Mandatory Requirements:
• Hands-on experience with the Nozomi platform
• University degree in information security or equivalent work experience
• Minimum 2-4 years’ experience in a similar role
• Preferred: SIEM vendor administrator certification
• Knowledge of and familiarity with different security attack vectors and means of protection