1. Provide 1st level support for security incidents and technical problems that come under the scope of TMONE SOC.
2. Configuration changes, e.g. firewall policy and anti-spam blacklist changes based on customer change control requirements; performance monitoring; maintenance of signatures and firmware; ISP action tuning based on countermeasure requirements during an attack; router or firewall access-list blocking based on countermeasure requirements during an attack. Perform security event management, which includes:
   – Proactively monitoring and analyzing security events from the SIEM system
   – Proactively monitoring the availability of security devices
   – Proactively monitoring the subscribed global intelligent system and updating the necessary system
   Ability to do effective event analysis and troubleshooting.
3. Act as part of a team providing security incident response ownership for TMONE MSS clients. Assist the Senior Security Analyst in solving issues for customers.
4. Communicate effectively and provide coordinated services to TMONE MSS clients; ensure that all Service Level Agreements pertaining to security incident response and management are met.
5. Prepare the monthly management report and ad hoc reports for selected premium clients. Perform problem analysis, resolution and system recovery within the committed SLA. Produce a monthly newsletter.