Information Security Operations Engineer
The Vulnerability Management and Compliance Support Engineer will be responsible for ensuring the stable run state of Information Security technologies. They will provide operational and Level 3 support for these technologies. The job duties include daily management of incidents, maintaining and supporting the systems, and conducting proactive analysis to prevent future issues. The technologies in question can be located either in-house or with vendors and in cloud environments. The Support Engineer will be responsible for planning and coordinating upgrades, standardizing processes, and automating procedures for Information Security technologies. The job requires an understanding of ITIL service management practices and managing the implementation of changes, releases, and upgrades to different environments. The Engineer will also be required to be on call and work during weekends and off-hours to support the normal functioning of the systems.
Key Responsibilities
- Troubleshoot, diagnose, and analyze incidents related to Information Vulnerability Management and Compliance technologies.
- Identify the root cause of incidents, whether it be configuration or a defect.
- Work with various technical teams to develop corrective actions or workarounds to resolve incidents.
- Plan, coordinate, and install Information Security technologies in different environments, as well as upgrade and fix them.
- Address operating system and application vulnerabilities.
- Respond to automated alerts on system health using sound analytical and troubleshooting methods.
- Conduct routine maintenance and monitoring of security technologies and report on their status.
- Ensure that incidents are resolved in a timely and efficient manner and that steps are taken to prevent future problems.
- Communicate operational support issues to executives and senior management.
- Upgrade security applications to the latest versions, which involves testing, validation, compatibility, and addressing security vulnerabilities.
- Recommend and implement improvements to system performance and uptime for security applications and products.
- Document procedures for responding to alerts and drive the creation of automated restoration steps.
- Develop implementation plans for complex change requests, evaluating risks to system availability, business dependencies, and security event visibility.
- Drive automation of redundant activities to improve support efficiency and demonstrate familiarity with scripting languages like PowerShell, Python, or Shell scripts.
- Serve as technology advocate, promoting the correct support of various technology layers such as operating systems, databases, and networking.
Skills and Attributes for Success
We are interested in people who bring in security experience from having implemented and supported solutions in a large enterprise environment. As a successful candidate you will have functional and technical experience in implementing both Cloud and On-Premises security compliance and vulnerability management technologies.
- Proficiency in supporting complex security solutions and services within a large enterprise environment, including a foundational understanding of the .NET ecosystem and applications, which is hosted on Internet Information Services (IIS).
- Technical proficiency in implementing and managing solutions that are both in Cloud-based and On-Premises, with a focus on the integration and support of .NET-based applications, as well as familiarity with microservices, APIs, and related infrastructure.
- Project management experience, with the ability to track timelines and execute tasks within project deadlines, including those involving the deployment, configuration, and enhancement of .NET-based applications and services.
- Capability to enhance application performance and stability, including the implementation of enhanced monitoring and automation strategies
- Strong problem-solving and analytical skills, with the ability to troubleshoot complex issues across the .NET framework, IIS, and associated components such as microservices and APIs.
- Knowledge of ITIL practices to ensure compliance in Incident, Problem, and Change processes, with a particular emphasis on the unique requirements of maintaining and supporting .NET-based applications
- Excellent problem-solving skills, with the ability to identify and resolve complex data and infrastructure issues within the .NET ecosystem
- Strong communication and collaboration skills, with the ability to effectively convey technical concepts and requirements to both technical and non-technical stakeholders
- Detail-oriented and organized, with a commitment to maintaining the integrity, security, and performance of an applications within a complex enterprise infrastructure.
To qualify for the role, you must have
- A Bachelor's degree in Computer Science or a related field, or equivalent work experience
- At least 5 to 7 years of experience in Information Technology in a large, complex global IT environment
- Experience in managing a 24x7 support organization, overseeing projects and products
- Flexibility to allocate additional time outside of regular working hours to support pressing issues or maintenance windows and to accommodate team members in different time zones, including weekends
- Proficiency in Azure, Google, and/or AWS Cloud services, as well as hybrid and on-premises security solutions including Linux and Windows Operating Systems
- Ability to write custom scripting tools using Python, Ansible, PowerShell, etc., work with APIs
- Strong documentation skills to accurately and clearly outline processes, procedures, and security designs for internal teams and customers
- Demonstrated experience in managing external vendors and suppliers
Ideally, you’ll also have
- ITIL v4 Foundation Certification
- Involvement in large-scale global IT deployments or cloud migrations
- Microsoft Solutions Engineer (MCSE), Red Hat Certified Engineer (RHCE), or other relevant certifications
- At least one technical certification from a public cloud provider such as Azure, AWS, or Google, and security certifications from ISC2 (CISM, CISSP, CCSP, etc.) or SANS/GIAC (GSEC, GCLD, GPCS, etc.).
What we offer
As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial, and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer:
- Continuous learning : You will develop the mindset and skills to navigate whatever comes next.
- Success as defined by you : We will provide the tools and flexibility, so you can make a significant impact, your way.
- Transformative leadership : We will give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture : You will be accepted for who you are and empowered to use your voice to help others find theirs.