sr security Operations engineerGlobe Telecom, Inc.

Job Description
At Globe, our goal is to create a wonderful world for our people, business, and nation. By uniting people of passion who believe they can make a difference, we are confident that we can achieve this goal.
Job Description
The primary purpose of this position is to provide thought-leadership and execution capabilities for security architecture, defining policies and controls, performing security monitoring, and helping to build security incident response ultimately maturing the Cyber Security practice.
DUTIES AND RESPONSIBILITIES
. Strategic Planning
Supports strategic planning exercises of the Planning and Architecture department (Risk Assessment and Threat Modeling exercises) providing inputs based on features, use cases, capabilities and roadmap of existing security platforms to help in identifying risks, prioritize and roadmap remediation in preparation for annual risk treatment planning (RTP).
Provide feedback on effectiveness of existing and proposed capabilities to the Security Architect (Planning and Architecture) to help ensure that proposed and existing systems architectures are aligned with GLOBE's security goals and objectives.
Updates the Security Architect (Planning and Architecture) on any enabled enhancements on existing security platforms they are managing to help them in maintaining and updating the architecture vision and roadmap in alignment with the Security Architecture blueprint.
Provide input into the company's Security Strategy, Cyber Security Baseline, and Risk Register based on their
observations and experiences in the course of performing their Security Engineering functions.
. Solutioning and Design
Oversee and lead the design, development, and deployment of enhancements/optimization, capacity build and technology refresh of existing security platforms they are managing.
Develop, document and communicate plans for any enhancements/optimization, capacity build and technology refresh of existing security platforms they are managing including analysis of cost reduction opportunities.
Confer with end-users, department heads, and stakeholders to define their requirements for any planned enhancements/optimization, capacity build, technology refresh of existing security platforms they are managing.
Provide insights/recommendations to Policy Management on the development and documentation of relevant policies to support the deployment of any enhancement/optimization of the security platforms they are managing.
. Implementation
Ensure Information security builds are delivered within committed timeframes, have passed all appropriate
solution governance and more importantly deliver the committed use cases.
Responsible for technology security signoff and the associated closeout / risk handling whilst driving and promoting an integrated approach to identify and reduce security risks.
Where applicable, design, develop and oversee implementation of an end-to-end integrated security ecosystem.
Act as team lead for the group of Vendor Employees handling security project implementation
. Engineering Optimization
Manage ISDP's assets by ensuring maintenance of accurate and complete asset inventory, monitoring capacity and performance management and performing product lifecycle management.
Ensuring security solutions are optimized, leveraging on all relevant features and rationalizing effectiveness of existing solutions.
Develop and execute test plans to check infrastructure and systems technical performance, report on findings, and make recommendations for improvement.
PLANNING REQUIRED
. The Role requires understanding the evolving threat landscape and enhancing/optimizing, engineering existing security platforms to effectively address relevant threats to the business.
. The Role requires familiarization of the security platforms they are managing and discerning relevant use cases and feature sets that will further improve the effectiveness and value of the security solution in some cases beyond what it was originally intended for.
. The Role is also involved in the Solutions Delivery for projects intended to enhance/optimize existing platforms, build capacity or technology refreshes requiring review and approval of high-level and detailed planning when conducting Demand and User Stories (DS/US), Best Estimate Today (BET), and Solutions Plan (SolPlan) to ensure that applicable security controls are imputed in the design and implementation.
. The Role handles some level of project management ensuring that planned and approved projects to strategically or tactically address security risks are implemented within scope, timeline and cost.
NATURE OF PROBLEMS ENCOUNTERED
. Challenges in implementing Information Security projects (new build and capability, enhancements, optimizations, capacity build, technology refresh) due to impact to the business, subscribers and employees.
. Security Incidents (e.g. unauthorized access, hacking, malware outbreak) that will require identification of gaps and determination of enhancements / optimizations of existing platforms, process improvements, security awareness to prevent recurrence.
REQUIREMENTS
Work Experience
1. 5-8 years work experience in Telco or IT (IT systems/network administration, preferably hands-on experience in Server Operating System (Windows, UNIX/Linux) or network devices IT security systems administration (Firewall/VPN, Intrusion Prevention Systems, Antivirus/Anti-spam, URL filtering, Encryption, etc.)
Level of Knowledge
1. Graduate of B.S. in Computer Science/Engineering or any IT-related courses (should be 4-5 years course)
2. Training in Information Security, ITSM, Project Management, Business Process Admin, & Quality
3. Preferably has certification: CISSP, RHCT/RHCE, CCSA/CCSE, CCNA/CCNP, MCSA/MCSE, CEH, CISA/CISM
Competencies
Group Competency (SANS Institute)
. Information Security Foundation
. Cornerstone Information Security
. Advanced Information Security Principles
. Information Security Aptitude
. Networking Concept Domain
. Defense in Depth Domain
. Internet Security Technologies Domain
. Communications Security Domain
. Operating Systems Security Domain
Core
. Strategic Planning & Policy (3)
. Cybersecurity Management (3)
. Acquisition & Program / Project Management (3)
. Risk Management RM (3)
. Systems Architecture (3)
. Technology R&D TERD (3)
. Threat Analysis TANL (3)
. Incident Response IR (2)
. Vulnerability Assessment & Management VAM (2)
. Test & Evaluation T&E (2)
. Executive Cybersecurity Leadership (2)
Make Your Passion Part of Your Profession. Attracting the best and brightest Talents is pivotal to our success. If you are ready to share our purpose of Creating a Globe of Good, explore opportunities with us.