Core Responsibilities
Network Administration and Security
Manage the protection of information systems, the detection of threats to ITFC systems, and the response to detected threats and cyber-attacks.
Safeguard information system assets by identifying and solving potential and actual security problems.
Protect the system by defining access privileges, control structures, and resources.
Recognize problems by identifying abnormalities and reporting violations.
Implement security improvements by assessing the current situation, evaluating trends, and anticipating requirements.
Determine security violations and inefficiencies by conducting periodic audits.
Upgrade the system by implementing and maintaining security controls.
Keep users informed by preparing performance reports and communicating system status.
Maintain quality service by following organization standards.
Maintain technical knowledge by attending and coaching educational workshops and reviewing publications.
Contribute to the team effort by accomplishing related results as needed.
Performance Monitoring
Manage and troubleshoot network system issues and submit recommendations for improvements in network operation and management.
Plan for disaster recovery and create contingency plans in the event of any security breaches.
Engage in and manage 'ethical hacking', for example, simulating security breaches.
Identify potential weaknesses and implement measures, such as firewalls and encryption.
Vendor Management
Service Management
Act as escalation point for all requests and incidents related to network.
Follow up on issues and provide subject matter expertise support for diagnosing and resolving problems.
Prepare technical and procedural documentation of network infrastructure.
Conduct root cause analysis for assigned incidents and recommend software or hardware changes to rectify problems.
Firewall Management (On-Premise and Cloud)
Oversee configuration, monitoring, and maintenance of on-premises and cloud-based firewalls, ensuring they are optimized to prevent unauthorized access and detect potential threats.
Define and implement firewall rules and policies, including access controls, to secure network traffic according to organizational and compliance standards.
Conduct regular audits and vulnerability assessments on firewalls to identify and mitigate any potential security weaknesses.
Collaborate with network and system teams to troubleshoot and resolve firewall-related issues while minimizing downtime and disruption.
Cloud Security Management (Defender for Cloud)
Configure, manage, and optimize Microsoft Defender for Cloud settings to enhance security posture across cloud resources, including VMs, databases, and storage accounts.
Develop and enforce security policies within Defender for Cloud to monitor and mitigate risks associated with cloud infrastructure, applications, and data.
Utilize threat intelligence, alerting, and automation features within Defender for Cloud to detect and respond to security incidents.
Implement security best practices for cloud platforms, including Identity and Access Management (IAM), encryption, and secure configuration.
Network Security
Design, implement, and maintain secure network architecture, incorporating firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and network segmentation strategies.
Conduct network traffic analysis and continuous monitoring to identify anomalies or suspicious activities that may indicate potential security threats.
Work closely with IT teams to deploy and configure network devices, ensuring compliance with security policies and best practices.
Lead initiatives to secure endpoints, enhance network resilience, and respond to vulnerabilities or incidents affecting network integrity.
Threat Monitoring and Incident Response
Implement and oversee threat monitoring processes using security information and event management (SIEM) systems, integrating data from firewalls, Defender for Cloud, and network devices.
Develop and execute incident response protocols for network, firewall, and cloud security incidents, minimizing impact through quick containment, analysis, and remediation.
Perform post-incident analysis and reporting to identify root causes, improve firewall configurations, and update security policies as needed.
Compliance and Documentation
Ensure firewall, network, and cloud security policies comply with relevant regulations and industry standards (e.g., NIST, ISO 27001).
Maintain documentation for all security configurations, procedures, and policies to facilitate audits and enhance knowledge sharing across IT teams.
Conduct regular security assessments, risk analyses, and penetration tests on cloud and on-premises systems to verify compliance and mitigate vulnerabilities.
Service Level Agreements (SLA)
Monitor production, outputs, and services to ensure that SLAs and other quality metrics are being met.
Develop SLAs.