Security Operating Center Engineer III - Marsh & McLennan Companies Corporate
The Senior Specialist – Security Operations role is principally responsible for ensuring the availability and operations for all securityinfrastructure across MMC world-wide.
This includes next generation firewalls, proxies, advanced malware prevention, data loss prevention, intrusion detection/prevention systems, etc.
Additionally, security operations staff are responsible for the daily change management, configuration management, troubleshooting, patching, capacity management and system upgrades to securityinfrastructure.
Security Operations actively participate in infrastructure deployment projects such as new firewall deployment, based on approved engineering designs, or migrations of existing services to new platforms such a migration to newer technologies. When necessary, this position will participate in the Incident Response process relating to cybersecurityevents or investigations.
This role is accountable to maintain operational efficiency to facilitate a smooth running and predictable operational environment. The Sr. Specialist – Security Operations role reports to the Security Operations Manager.
Security Operations is a key role within MMC. Technical expertise combined with positive, collaborative, can do attitudes are required to make this team successful.
- Participate in the day to day operations of the security operations team to include internal support tickets, firewall and securityinfrastructure changes, infrastructure upgrades and patches, and other operational activities
- Participate in critical problem analysis, response and remediation of cyberevents, firewall rule changes, and internal support tickets
- End-to-End enterprise-wide tier II troubleshooting of networksecurity technologies for performance and connectivity across the global MMC environment.
- Assess applications connectivity issues associated with application data flows through securityinfrastructure.
- Execute daily ad-hoc tasks and lead small projects as needed
- Partner with other operations and engineering teams to advance the Cybersecurity and operational maturity strategies with respect to automation, tool migration, and the deployment of new technologies
- Participate in Computer Incident Response Teams (CIRT) as necessary by providing support to mitigate active security incidents possibly threatening the Global MMC computing environment
- 4-year college degreerequired
- Minimum 5+ years of advanced networksecurity operations experience with large scale operations spanning multiple business lines distributed globally.
Knowledge and skills (general and technical)
- Experience demonstrating knowledge of information security programs and operations, data security practices and procedures, network routing and connectivity technologies, and common cybersecurity attack vectors
- Experience demonstrating knowledge of computer hardware/software technologies, and information security tools
- Strong planning and organizational skills to set priorities and achieve goals
- Strong analytical and problem-solving skills relating to firewall and security operations technologies
- Excellent verbal, written and interpersonal communication skills
- Positive and collaborative “can do” attitude required
- Experience with securityinfrastructure related to Enterprise Log Management, IDP/IDS, Antivirus, Firewalls, Proxies, Load-Balancers, WAFs, VPN, DLP, Forensic Analysis and SIEM
- Experience with evaluating TCP dumps/traces, strong knowledge of Perl required and familiarity with Java Script, and Python very useful
- Strong working knowledge of Palo Alto firewall products
- Bluecoat Proxy, FireEye and F5 experience is a plus
- Ability to translate engineering designs and deploy configuration on security products
- Must be a self-starter, work with limited supervision & be able to work well with others in a globally diverse IT environment.
- CISSP or other related Information Security certifications preferred