L2 Security Engineer - Antivirus

Summary

Join our team as a 2nd level antivirus (AV), anti-malware, and advanced persistent threat (APT) based engineering professional to enable delivery of complete Integrated Services Management across all ITIL disciplines.

Requirements

• Must understand McAfee EPO or Symantec Antivirus and supporting modules (i.e...Antivirus or AV, IPS, endpoint protection.)
• Must understand APT solutions such as FireEye, Palo Alto Traps, Cisco AMP
• At least 5 years of IT experience
• Solid understanding of Active Directory groups
• Solid understanding of all Windows OS
• At least 2-3 years of experience managing McAfee/Symantec AV, Encryption
• Host Based Intrusion Prevention Systems experience
• McAfee ePolicy Orchestrator (ePO)
• At least 2 year experience dealing with virus/worm outbreaks and malware analysis
• Maintain McAfee ePO environment in optimum performance and compliance standards
• Experience with administration including the ability to configure and resolve complex security issues in support of enterprise endpoints (25,000+ nodes) in a geographically dispersed environment
• Identify process and technical improvements for the environment

Responsibilities

• Accept, manage and update service requests to ensure contracted Service Level Agreements are met
• Provide remote technical support within Managed Services’ ITIL aligned service delivery processes including Incident Management, Problem Management, Configuration Management, Change Management and Release Management
• Manage, own and co-ordinate the technical resolution of incidents either remotely or onsite utilising Field Engineering resources
• Plan, coordinate and implement complex AV/ APT policy changes within customer specified change windows, adhering to a predefined ITIL change management framework
• Plan, coordinate and execute release management activities within customer specified change windows, adhering to a predefined ITIL release management framework plan
• Identify Known Errors and document these within the Known Errors Database
• Liaise and work with Professional Services Engineers and Solutions Architects around client AV projects and deployments
• Use lab equipment and resources to attempt to recreate client incidents and undertake fault simulation activities
• Maintain detailed knowledge of the clients’ environment(s), where applicable, by maintaining and updating relevant documentation such as AV Network Diagrams, Configuration Databases along with process and procedural documentation
• Understand and manage the requirements of being part of a shift hand-over, operational advice, guidance, support and escalation
• Understand the scope, delivery mechanisms and processes of all relevant AV Services delivered by Managed Services
• Execution of the Managed Services business plan and strategies relating to AV Engineering

Preferred Qualifications

• Knowledge in a variety of endpoint solutions such as Sophos, Symantec AV, MS ForeFront, or TrendMicro
• Knowledge on Vulnerability Management and Risk Analysis
• Cisco Specialisations, etc (CCNA, CCNP, etc)
• Vendor specific AV/APT certifications
• Prior experience and/or training with regard to the ITIL Services Framework