Resident Engineer - Singapore - CYBER SENSE TECHNOLOGIES PTE. LTD.

Singapore

1 week ago

Posted by:

Wei Jie

beBee Recruiter


Description

Scope of work:


  • Focus on all technical aspects of Trellix products
  • Interface with the customer's staff
  • Familiarise with the customer's:
      • Processes and requirements
      • IT Security infrastructure, configurations, challenges and their staff's strengths and limitations
  • Prompt resolution of issues

Operations activities will focus on the following areas:

  • Configuration Management
  • Release and Deployment Management
  • Change Management
  • Service Validation and Testing
  • Event Management
  • Incident Management
  • Problem Management
  • Knowledge Management
  • Support & Assistance

Configuration Management:


Configuration Management activities are intended to ensure that Trellix components of the solution are identified, baselined, maintained, and existing configuration records are updated.


  • Maintain information about the configuration items of the overall solution
  • Configuration items may vary in complexity depending upon the component or product
  • Identify, control, record, report, audit and verify configuration items including versions, baselines, components, attributes, and relationships between components of the solution.

Release and Deployment Management:

Release and Deployment Management activities will focus on developing, testing, and validating solution capabilities so that they meet stakeholder requirements.

  • Minimize unpredicted impact on production services
  • Use the development (Lab) environment for testing prior to production deployment
  • Assist Customer/Partner Project Management with documentation of release and deployment timelines and schedules for phased production deployments

Change Management:


Change Management activities are intended to ensure that changes are recorded, evaluated, prioritized, planned, tested, implemented, documented and reviewed in a controlled manner.

The Change Management process should be planned in conjunction with Release and Deployment Management.

  • Evaluate solution requirements and changes
  • Assess risks related to changes; seek advice of the team for impacts to other products within the solution
  • Represent planned changes in Change Advisory Board meetings
  • Implement changes to meet customer objectives

Service Validation and Testing:

Perform validation testing of the Trellix Security solution.

  • Document a set of Trellix testing activities used to perform product or solution testing
  • Work with other team members to perform system validation activities prior to production deployment
  • Assist with policies and with fine-tuning the alarms, rules and parsers
  • Assist with creation of custom parsers if required for unsupported data sources

Event Management:

Event Management monitors events that occur throughout the Trellix SIEM infrastructure. Activities will focus on monitoring normal operations to detect and escalate exception conditions.

  • Review events
  • Analyse events in the overall context of the solution
  • Review event filtering
  • Review dashboards
  • Review use cases and ensure the implemented use cases are working as intended
  • Reduce false positives while balancing false negatives
  • Configure server notifications
  • Review automatic responses
  • Ensure the existing parsers in the environment work as intended

Incident Management:


Incident Management concentrates on restoring unexpectedly degraded or disrupted service to users as quickly as possible in order to minimize business impact.


  • Configure Trellix ePO, SIEM, NSP for notifications
  • Discuss current escalation practices and procedures

Problem Management:

Problem Management involves problem isolation, troubleshooting, and resolution. Activities related to root-cause analysis may be performed to determine and resolve the cause of incidents. Proactive activities to detect and prevent future problems are performed and reviewed with the customer.

  • Assist with problem isolation efforts
  • Seek advice within the team or escalate to Product Support for additional assistance
  • Develop after action reports and root cause analysis documents
  • Review the configuration of related components to proactively prevent additional or subsequent failures
  • Isolate issues and assist with troubleshooting issues related to unknown events

Knowledge Management:


The ability to operate the solution rests to a significant extent on the ability of those involved to respond to circumstances based on their understanding of the situation, the options, consequences, and benefits.


  • Brief stakeholders on events, issues, incidents and recommended corrective action plans
  • Develop after action reports and root cause analysis documents
  • Develop known error records
  • Share and disseminate information within the team
  • Reduce time and effort required to support and maintain solutions
  • Reduce time to find information for diagnosing and remediating incidents and problems

Support & Assistance:


  • Engage and manage incidents arising from product
  • Work closely with Trellix Technical Support for resolution
  • Deve
