SASE ENGINEER

Job Description Summary

The Security Platform Engineer is a seasoned subject matter expert, responsible for facilitating problem resolution and mentoring for the overall team.

This role performs operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning).

The Security Platform Engineer is responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments).

Job Description

Key Responsibilities:

• Palo Alto Firewall and SASE Experience is must.
• Works as part of a 24/7 team working on rotational shifts.
• Works as part of Platform and Content Engineering handling tunings, stake holder requests, escalations, reporting, trainings.
• Administers the organization's security tools to gather security logs from environment.
• Performs lifecycle management of the supported security tools/technologies, Break-fix, Patching, Live update.
• Adheres to SOPs and notify stake holders on log flow/log format issues.
• Documents best practices.
• Identifies opportunities to make automations which will help the incident response team.
• Performs security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics, and a broad range of skills in LAN technologies, Windows and Linux O/S’s, and general security infrastructure.
• Carries out agreed maintenance tasks.
• Ensures usage of knowledge articles in incident diagnosis and resolution and assist with updating as and when required.
• Performs defined tasks to monitor service delivery against service level agreements and maintains records of relevant information.
• Investigates causes of incidents and seeks resolution.
• Escalates unresolved incidents and follow up until incident is resolved.
• Provides service recovery, following resolution of incidents.
• Documents and closes resolved incidents according to agreed procedures.
• Investigates and identifies root cause of incidents and assist with the implementation of agreed remedies and preventative measures.
• Maintains knowledge of specific specialisms, provides detailed advice regarding their application.
• Ensures efficient and comprehensive resolution of incidents, including ensuring that repairs are carried out by coordinating product requests, working with other team members.
• Logs all such incidents in a timely manner with the required level of detail with all the necessary.
• Cooperates with all stakeholders including client IT environments, vendors and carriers to expedite diagnosis of errors and problems and to identify a resolution.

Knowledge and Attributes:

• Seasoned working knowledge on implementation and monitoring of any SIEM or security tools/technologies.
• Seasoned knowledge on security architecture, worked across different security technologies.
• Customer service orientated and pro-active thinking.
• Problem solver who is highly driven and self-organized.
• Great attention to detail.
• Good analytical and logical thinking.
• Excellent spoken and written communication skills.
• Team player with the ability to work well with others and in group with colleagues and stakeholders.