Job Description/Scope of work to be performed:
The resources being sought will assist in the operational management and BAU processes associated with our Data Leakage Prevention capabilities including the following:
o Assist in resolving incidents and documenting solutions related to security monitoring and incident response for virus activity, malware, SQL injection attempts or other malicious activity within the Citi network.
- DLP Problem & Incident Management (Virtual Tech & EMS Tickets)
- Weekly Conference Calls (discuss technical issues, new releases, and upcoming products)
- Data Leakage Detection/Prevention Policy Management based on OTRM requirements UAT Testing & Server deployments
- Data Leakage Remediation Support
- Coordination & Tracking of CATE RFP & RFT process
- Change Management
- DLP End Point Load Balancing & Maintenance
- Health and Welfare Monitoring of DLP Infrastructure
- Health & Welfare of DLP Application
- DLP Software License & Certificate Management
- DLP Functional ID Review & Management
- Inventory Management
- Monitoring of CRON jobs
- DLP ArcSight Data Feed Management
- Data Leakage Detection/Prevention Policy Management
- Monthly MOR Metric Reporting
- Monthly Threat Management Reporting
- Critical File Monitoring Management & Standard Build
- Work with the Global Anti-virus ePolicy Orchestrator (ePO) and Enterprise Security Monitoring (ESM) systems operation and support group. Need to be able to hit the ground running and contribute with little supervision.
- The tasks will include all of the following:
o Help Security Operations Center (SOC) with the ePO monitoring to verify applications and clients are functioning properly and comply with all security signatures, virus definition files, scan engines, MS security patches, and policies on desktops and servers.
o Assist the group with global implementations, upgrades, and updates on a global level, working closely with engineering and security operations teams.
o Respond to incident issues, virus fighting, outages and help with implementation work.
o Develop reporting methods that focus on risk mitigation based on McAfee findings; must be able to perform analytic review and metrics reporting.
o Must keep up to date with global threats to the environment such as new attack vectors, malware types, botnets, etc.
- Must have experience with DLP (Data Loss Prevention) detection/monitoring and blocking, particularly with End Points via a large enterprise-level DLP application system.
- Minimum of 5 years' work experience in global projects, security operations, system support, conversions, and implementation of an enterprise-level application system.
- Experience with security operations and support group in a fast-paced deadline-oriented environment.
- Experience with security products like ePolicy Orchestrator and VirusScan Enterprise.
- Experience in investigating the root cause of suspicious threats and analyzing the global threats in the Citi environment.
- Experience in working in a large organization with globally distributed personnel, functions and operations.
- Technical background in information/system security, Symantec products, SQL and ITIL framework is a plus.
- Must have 5 years' experience working with enterprise security applications performing administration, implementation, configuration, upgrading, and policy creation.
- Strong understanding of Microsoft technologies is required.
- Strong understanding of Red Hat Enterprise Linux technologies is required.
- Strong understanding of Oracle and SQL Database technologies is required.
- Strong understanding of REGEX (Regular Expressions) is required.
- Strong understanding of Enterprise Change Management is required.
- Strong understanding of Enterprise Problem / Incident Management is required.
- Experience with using a SIEM (Security Information and Event Monitoring) tool such as ArcSight is a plus.
- Superior oral and written communication skills (English a must, additional languages a strong plus).
- Effective social and teamwork skills and proven ability to generate and evaluate alternative solutions to complex technical problems.
- Bachelor's degree in Computer Science, Information Systems or related field is preferred.
- CISSP certification preferred.