L2 Security Engineer - Antivirus

Company Description

Job Description

Your role is to perform a variety of 2nd level antivirus (AV), anti-malware and advanced persistent threat (APT) based engineering activities to enable delivery of complete Integrated Services Management across all ITIL disciplines, being Service Desk, Incident Management, Problem Management, Configuration Management, Change Management and Release Management.

Key Responsibilities 

· Accept, manage and update service requests to ensure contracted Service Level Agreements are met.

· Provide remote technical support within Managed Services’ ITIL aligned service delivery processes including Incident Management, Problem Management, Configuration Management, Change Management and Release Management

· Manage, own and co-ordinate the technical resolution of incidents either remotely or onsite utilising Field Engineering resources

· Plan, coordinate and implement complex AV/APT policy changes within customer specified change windows, adhering to a predefined ITIL change management framework. This will include liaising with the customer, third party suppliers, vendors and partners to ensure minimal disruption to the customer’s day-to-day business operations, and the provision of a seamless, coordinated delivery of services.

· Plan, coordinate and execute release management activities within customer specified change windows, adhering to a predefined ITIL release management framework plan, coordinate and execute configuration management activities within customer specified change windows, adhering to a predefined ITIL configuration management framework plan, coordinate and execute life-cycle management activities within customer specified change windows, adhering to a predefined ITIL life cycle management framework Identify Known Errors and document these within the Known Errors Database

· Where necessary, liaise and work with Professional Services Engineers and Solutions Architects around client AV projects and deployments

· Where appropriate, use lab equipment and resources to attempt to recreate client incidents and undertake fault simulation activities.

· Maintain detailed knowledge of the clients’ environment(s), where applicable, by maintaining and updating relevant documentation such as AV Network Diagrams, Configuration Databases along with process and procedural documentation.

· Understand and manage the requirements of being part of a shift hand-over, operational advice, guidance, support and escalation.

· Understand the scope, delivery mechanisms and processes of all relevant AV Services delivered by Managed Services

· Execution of the Managed Services business plan and strategies relating to AV Engineering

Qualifications

Mandatory:

• Must understand McAfee EPO or Symantec Antivirus and supporting modules (i.e...Antivirus or AV, IPS, endpoint protection.)
• Must understand APT solutions such as FireEye, Palo Alto Traps, Cisco AMP
• At least 5 years of IT experience.
• Solid understanding of Active Directory groups
• Solid understanding of all Windows OS
• At least 2-3 years of experience managing McAfee/Symantec AV, Encryption
• Host Based Intrusion Prevention Systems experience.
• McAfee ePolicy Orchestrator (ePO).
• At least 2 year experience dealing with virus/worm outbreaks and malware analysis
• Maintain McAfee ePO environment in optimum performance and compliance standards.
• Experience with administration including the ability to configure and resolve complex security issues in support of enterprise endpoints (25,000+ nodes) in a geographically dispersed environment.
• Identify process and technical improvements for the environment

Desirable

• Knowledge in a variety of endpoint solutions such as Sophos, Symantec AV, MS ForeFront, or TrendMicro 

• Knowledge on Vulnerability Management and Risk Analysis
• Cisco Specialisations, etc (CCNA, CCNP, etc)
• Vendor specific AV/APT certifications
• Prior experience and/or training with regard to the ITIL Services Framework

Additional Information

Videos To Watch