March 7, 2021

Expert Cyber security

Veon - Islamabad

Islamabad
As one of the leading employers in the country, Jazz epitomizes the philosophy that each Jazz employee is passionately living a better every day inspired and enabled by visionary leadership, a unique professional culture, a flourishing lifestyle, and continuous learning and development.
Our Team & You
As one of the largest private sector organizations in Pakistan, our objective is to continue to change the lives of our 59 million+ customers for the better. This is an opportunity for someone who wants to be part of something transformative, someone who can play a critical role in driving our success. Together, we can empower millions more with the tools necessary to progress in an increasingly digital economy.
What the first 30-60-90 days in the job will look like?
  • Within 30 days you will:
Attend and graduate from our company-wide on boarding process along with a detailed orientation program where you will learn about Jazz’s core values, business, and products
Meet the relevant stakeholders concerning your team
Develop understanding of your division, function, its structure, and your role within the team.
Develop understanding of information security policies and procedures.
  • Within 60 days, you will:
Get to know your relevant stakeholders e.g. business, infrastructure, commercial, finance and fraud management.
Get to know the SOC systems and processes.
Perform operational and management activities of SOC systems.
  • Within 90 days to onwards you will:
Deploy and maintain SOC systems
Develop and optimize use cases, alerts and reports in SIEM
Involved, investigating information security / finance related incidents and identifying loopholes in impacted system/application
Become a leading member of incidence response team.
Suggesting information security recommendations to all stakeholders
A Bit About You:
We are looking for someone who is willing to deliver on challenging projects and has taken end to end responsibility from planning to production of a security operations centre. Prior experience of banking / telecom industry will be an added advantage.
We are looking for someone who have BS/MS in Information Security/Information Technology and should have 5-years of experience having security monitoring and security incident management skills; these skills are key to meet the performance expectations for this role. Should have excellent verbal and written communications skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences with Professional security certification.
This position will:
  • Develop, implement, and execute the standard procedures for the administration, backup, disaster recovery, and operation of the SOC systems infrastructure, including Backup management, Capacity planning, Change management, Version or patch management, Lifecycle upgrade management
  • Develop and maintain the technical architecture of the SOC systems, enabling all the components to perform as expected and meeting established service-level objectives for system uptime.
  • Be responsible for new product release management, policy and integration testing, security testing, and vendor management.
  • Develop and deploy content for the SOC infrastructure, including use cases for dashboards, active channels, reports, rules, filters, trends, and active lists.
  • Monitor and help optimize data flow using aggregation, filters, and use cases to improve the JSOC monitoring and response capabilities.
  • Coordinate and conduct event collection, log management, event management, compliance automation, and identity monitoring activities.
  • Respond to day-to-day security change requests related to ArcSight operations.
  • Perform collateral duties and responsibilities as a backup to the security engineering role.
  • Support on-boarding of new sources; Support architecture changes required to supporting evolving business needs and threat profile. For e.g. establishment and integration of regional level SIEM solution for integrating new log sources.
  • Designing queries, models, and hypotheses to identify anomalies
  • Find evidence of compromise, intrusions, and malicious activity on the network.
  • Focus on detecting new threats, vulnerabilities, and potential weaknesses.
  • Designing queries, models, and hypotheses to identify anomalies
  • Find evidence of compromise, intrusions, and malicious activity on the network.
  • Focus on detecting new threats, vulnerabilities, and potential weaknesses.
  • This Tier 3 role maps to the following services
Direct Support (2nd line) Threat hunting,
Forensics 24/7 availability
‘JSOC Health Monitoring’ Onboarding
A Bit About Us:
The Cyber Security team is part of the Technology Department within the Cyber Security, Governance & Technology Compliance Division. The team is responsible for managing Information Security portfolio at Jazz. The Cyber Security is responsible for end to end security of jazz that includes developing policy, procedures, application security, network security, system security, end point security, logs monitoring, vulnerability assessment, security awareness, incident detection and response.

The structure of the team you will join is:
  • A 11-member team (including the department head) with responsibility of Cyber Security IT & Network planning and Governance, Applications Assurance and Security Monitoring & Incident Response
  • You will be part of a 9-members team reporting to a Stream Head Cyber Security.

The two (02) main priorities of the team as a whole are:
  • Strong Governance with effective reporting of security KPIs
  • Monitoring of security incidents and incident response

To collaborate and produce effective business results, the role requires
Team work & collaboration.
Vision and strategic thinking.
The ability to build strong relationships with External Teams: Convinces to adapt secure coding practices and testing post application development to avoid frauds and prevent leakage of confidential information accordingly.
The ability to build strong relationships with Internal Teams: Elaborates the technical terminologies to explain the processes for application/system penetration for detection of viruses/bugs in the system.

The two (02) specific tasks that team was working on in the last 6 months with results.
Cyber Security Incident Management
Vulnerability assessment and penetration testing.
The three (03) must have past experiences the candidate should have.
BS/MS in information security/Information Technology
Practical experience of security monitoring in banking / Telco sector
Incident management and threat hunting.
The 4 must have technologies the candidate should have.
Cyber Security
TCP/IP protocols
ITIL/ITSM
SIEM deployment and administration

Essential skills must have:
Functional
  • Self-starter needs no or little supervision;
  • Ability to organize, plan and document tasks;
  • Possess good logical and analytical skills to help in analysis of Security events/Incidents which are not already documented
Technical
  • In depth knowledge and operational responsibility for ArcSight Event Correlation System. Includes ArcSight ESM, Connector Interfaces, Logger, Windows and Linux servers and Backups;
  • Strong logical and analytical skills to help define new use cases, statistical correlation rules and analytical monitoring functions;
  • Developing analytical threat models and hypothesis
  • Develop analytical products using enterprise and all-source intelligence
  • Conduct malware analysis and provide indicators for defensive measures
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Proficient in the latest forensic response and reverse engineering skills; Having astute interest in the latest exploit methodologies;
Grade: L2
Last Date to Apply: 9th March 2020
Working at the VEON GROUP demands a high standard of business ethics and adherence to our legal obligations, our values and our Code of Conduct and supporting compliance policies and procedures. Our pioneering spirit is embodied in our values to be customer obsessed, entrepreneurial, innovative, collaborative, and truthful. Being truthful requires us to act ethically, honestly, and with integrity.

By clicking on “”, you confirm that you have read, understood and explicitly agree to the our Applicants Privacy Policy

To apply for this job email your details to saadzafar659@gmail.com