Job Description
EXPERIENCE AND EDUCATION:
Essential Qualifications/Experience:
· Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent experience
· 3+ years of experience in IT security, with a focus on Active Directory security, System Administration, and hands-on experience with Security Assessment Tools in large organisations
· Experience with Active Directory Management
· Strong understanding of security best practices and experience with Tenable products, especially Tenable Identity Exposure
· Comprehensive hands-on experience administering Microsoft Windows Domain based networks
· Systems administration, ideally both with Windows and Linux
· Good engineering skills including programming and/or scripting knowledge (Python, shell scripting, PowerShell)
· Demonstrable experience of analysing, prioritizing and reporting in the field of vulnerability assessment
· Database management skills, preferably MS SQL
Desirable Qualifications/Experience:
· Experience in working with NATO
· Experience of working with NATO Communications and Information Agency
· Experience of working with national Defence or Government entities
DUTIES/ROLE:
· Ensuring data accuracy and up-to-date data for Active Directory (AD) Security issues:
✓ Ensure accurate and up-to-date AD data is collected from the different Domains in scope
✓ Ensure security baselines are configured based on industry best practice and NATO policies
✓ Review existing policies, fine-tuning and improving them at the same time
✓ Report to the Tool Managers any technical issues, such as connectivity problems between Tenable Identity Exposure and other integrated systems or errors in scans or reports
✓ Follow new releases of the security solutions to consider the implementation of new features or capabilities
· Monitoring and analysing the collected data, and prioritizing based on risk assessment for Active Directory (AD) Security issues:
✓ Monitor the solution daily
✓ Identify the potential security issues
✓ Ensure that the collected data is analysed
✓ Prioritize the remediation actions based on the previous point
· Reporting Active Directory (AD) Security issues:
✓ Critical vulnerabilities will be reported within 4 hours of being identified
✓ High vulnerabilities will be reported within 8 hours of being identified
✓ Deliver a comprehensive vulnerability report to each stakeholder under your area of responsibility, taking into account all vulnerabilities posing a security risk, the remediation actions recommended to the system/application owners and the status of the recommended actions. The weekly report is expected to be delivered each Wednesday/Thursday before Close of Business
✓ Ensure that the reported information is also available via PowerBI dashboard (or similar)
✓ Report to the corresponding AD management teams the prioritized remediation actions based on the analysis done (points 2.c/2.d)
✓ Record the defined KPIs to follow up the trend of AD Security issues
· Remediation actions for Active Directory (AD) Security issues:
✓ Follow up and verify that the reported security issues have been remediated
✓ Follow the escalation process in case the reported security issues have not been fixed
· Documentation:
✓ Document configuration and changes: keep up-to-date documentation of all configurations, baselines and troubleshooting procedures
✓ Keep a lessons learnt document
· User Access Management:
✓ Review the list of users with access to the security solution
✓ Verify that only the required users have access to the solution
✓ Coordinate with the Tool Managers on any issue with user access management
· Automation and Scripting:
✓ Improve process efficiency: identify areas where automation could reduce manual intervention and improve operational efficiency