Security Operations Specialist

About Digicel

Digicel is a leading digital connectivity and communications provider, delivering modern wireless and fibre networks across 25 markets in the Caribbean, Central and South America. Serving nine million customers through mobile, home, and business solutions, we play a critical role in enabling economic participation and digital inclusion in the region. Our commitment to strong governance, inclusive access, and long-term value creation is embedded in how we operate every day. Backed by our DIGI values - Diversity, Integrity, Growth, and Innovation - our 5,000 employees are focused on driving impact for the customers, communities, and countries we serve.

Visit www.digicelgroup.com for more.

Primary objective of the job: 

The core elements of the Digicel 2030 transformation see it undertaking a complete re-design of the organizational structure; putting customers in control and making a commitment to deliver superior superfast network experience.

Cybersecurity is a centralized business function with company-wide oversight to establish the strategy, governance (policies, standards, procedures), operations (systems, coverage requirements), compliance and testing, budgeting, staff training, vendor selection and management, across all 25 Digicel companies across the Caribbean and Central America.

The team’s scope oversees all business units to ensure enterprise-wide scope, and manages the deployment and management of several globally deployed security systems to encompass all Digicel country networks, infrastructure of over 10K devices, and user accounts of over 6K. In addition, the team oversees all cybersecurity testing and provides expert guidance on all new and proposed projects, network changes, new suppliers across the global business. This including support and controls for data protection to ensure compliance and enforcement with data protection standards and laws across the global organization.

As the Security Operations Specialist you will assess SIEM/sensor coverage and health, perform alert and event analysis, vulnerability management, KPI and SLA management, perform incident investigation, and perform other ad hoc security related activities from time to time. Additionally, monitor threat and vulnerability news, and coordinate / follow-up on activities and communications with key external security partners and other internal stakeholders including IT/Technical teams.

Main Duties and Responsibilities:

• Perform level-1 triage of the alarms, events and threats escalated by our security operations center (SOC) and globally deployed SIEM
• Quickly action mitigation plans as per SLA in order to respond to different source of threat such as Malware, insider threat, external compromise, etc
• Maintain and troubleshoot security systems deployed across all market networks, on all endpoints, and cover user accounts
• Track coverage of security tools deployed, assist in new deployments, upgrades, changes and other global projects as directed
• Track and report on security non-compliance related to endpoint security coverage, device hardening, AD accounts, or other various security areas as assigned
• Respond and provide security guidance to remediate incidents and issues within SLA
• Respond/Coordinate efforts between key stakeholder teams to emergency security threats from Firewall (FW), Intrusion Detection Systems (IDS), Access Control, Email Threat Protection, and Antivirus
• Collaborate with technical leads across all countries: IT, Technology, Service Desk, Applications owners on matters related to security across global footprint
• Report accurately and in timely manner on security incidents and global threat landscape to Group Security Operations Manager
• Manage and maintain vulnerability scanning platform and configure/control the vulnerability scans, subsequent market-level reporting and also provide remediation guidance and perform follow-up tracking as necessary
• Assist to generate and improve findings from security tests, assessments, reports and Key Performance indicators (KPI)
• Find innovative ways to promote and support good security practices with Digicel’s entities
• Collect logs and evidences for investigations and provide support as needed
• Perform other duties as assigned from time to time

Academic Qualifications and Experience Required:

• Bachelor’s degree in IT/Computer Science, or equivalent education and/or experience
• One (1) - two (2) years’ experience in IT/Network Administrator or equivalent knowledge OR One (1) year of experience in IT Security domains (Network security, security operations, compliance and regulations)

Functional Skills:

Technical:

• Good general knowledge of IT and networked systems: web servers, active directory, mail servers, file servers, databases
• Good knowledge of Unix/Linux and Windows Operating system and their security
• Working knowledge and understanding of network and application security principles
• Working knowledge of TCP/IP, common internet protocols and applications
• Knowledge of virtualized/cloud computing (Iaas, Saas, Paas), Azure networks and their security
• Familiarity with Network protocols and packet analysis tools.
• Knowledge of various security methodologies and processes, and technical security solutions (firewall, endpoint protection, system hardening, DDOS protection and intrusion detection systems).
• Understanding of cloud based critical infrastructure systems security threats
• Familiarity with security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures.
• Industry accepted certifications preferred (eg. CISA, CISSP, CISM, GIAC, Comptia security+, Azure fundamentals)

Personal:

• Deeply passionate about cybersecurity and emerging technologies and techniques utilized by threat actors.
• Out of the box thinkers that enjoy constantly learning new things and can adapt that education into new processes
• Dynamic with excellent analytic skills
• Excellent reporting and documentation skills
• Ability to prioritize tasks

DISCLAIMER:

This job description indicates the general nature and level of work expected of the incumbent.  It is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities required of the incumbent.  Incumbent may, and probably will be asked to perform other duties as required.  Each employee, regardless of classification, is required to maintain a safe, orderly and clean workplace, using safety precautions and observing safety rules at all times.