Cyber Security Specialist

Security (Information & Communication Technology)

At Orica, it’s the power of our people that leads change and shapes our futures. Every day, all around the world, our people help mobilise vital resources essential to progress. Established in 1874, we have grown to become the world leader in mining and civil blasting with a diverse team of more than 13,000 across the world.  It’s an exciting time to join us – we are shaping the future of mining through digital and automated technologies, embracing new ways of thinking, pioneering innovation, and reimagining the way we work.

 

About the role

We are delighted to announce that we are currently accepting applications for the position of Cyber Security Specialist, offering a hybrid working arrangement to be based in our office in Pasig City, Philippines. The Cyber Security Specialist entails carrying out fundamental cybersecurity tasks such as managing threats and incidents, conducting vulnerability assessments, evaluating and authorizing technical modifications, generating metrics reports, and fulfilling other operational cyber security needs. Reporting to Lead Cyber Security Operations, the Cyber Security Specialist would handle the examination and resolution of security alerts, offer incident response and analysis, and collaborate with fellow security engineers to create and deploy technical measures for countering security risks and streamlining repetitive tasks. This role requires performing support during after-hours and would be rostered on call.

 

What you will be doing

• Manage, triage, escalate, and drive satisfactory resolution of end-user’s technical support, service and infrastructure issues based on Zscaler products and related network security technologies.
• Manage tickets and drive resolutions of issues, where it will be expected to plan, schedule, and implement Zscaler web and other network solutions for end-users, business segments and service providers.
• Expected to take support escalations from various Orica locations and help the Support team from time to time.
• Expected to be available to be on call to support cases arising across multiple time zones. 
• Create and facilitate communication channels between the various IT Support teams and ZTAC and other vendors.
• Proactively develop, deliver, and monitor and notifications of all forms arising from Zscaler products and technologies within the enterprise environment.
• Expected to be available to be on call to support cases arising across multiple time zones. 
• Proactively monitor reporting information and policy configurations of Zscaler technologies as part of the overall security hygiene of the organization, including identifying root cause and make proactive recommendations to improve the overall posture of the infrastructure.
• Help develop and maintain best practices for implementing and supporting Zscaler products in both internal and customer-facing Knowledge Bases
• Maintain intimate knowledge of all Zscaler products and services.
• Provide clear and constructive product feedback to Zscaler Product Management based on organizational requirements.
• Monitor alerts across Security Stack and provide advanced detection and response service though security event analysis review.
• Help navigate Orica staff from incident response triage into the incident response process if findings are substantiated.
• Work with the senior security engineers and analysts in fine tuning the security systems removing any false positive alarms.
• Monitor the performance of security solutions to identify and bring to attention breaches and potential intrusion incidents.
• Monitor security logs and alerts from various sources, including intrusion detection systems, Endpoint Detection and Response (EDR) systems, and security information and event management (SIEM) tools.
• Execute security response actions, including full remote remediation of endpoints.
• Perform threat hunting and proactive analysis to identify potential security risks and vulnerabilities.
• Implement security frameworks including CIS Benchmarks, ASD Essential 8 on Orica systems.
• Handle cyber security incidents in conjunction with the existing service providers from detection through to completion including maintaining incident response documentation, post-mortem root cause analysis, writing incident reports and providing lessons learnt and enhancements required.
  
   

What you will bring

• Tertiary level qualification in IT related discipline; or related industry qualification and industry experience.
• 3-5 years of combined experience in mixed IT Operation / Security Operation roles
• Experience in implementing/ supporting web security and proxy and firewall security solutions.
• Knowledge on ZScaler products (ZIA, ZPA, PRA and ZDX) is a great advantage.
• Understanding of Various routing and switching architectures (Cisco, Juniper, FMC and FTD, Palo Alto, etc) is an added advantage.
• Experience in high-tech networking and information security industry.
• Strong Troubleshooting and end-user management skills is a must.
• In-depth understanding of enterprise networks infrastructure and Security infrastructure
• Fundamental understanding of application networking including OSI layer stack, TCP/IP stack and overall practical knowledge of the protocol workflow e.g. DNS, TCP, UDP, SSL/TLS, ICMP, FTP, etc
• Hands-on experience in working with network troubleshooting tools like Wireshark, WinMTR, Fiddler, etc.
• Experience in l2/l3 protocols and devices, advanced security concepts like IPS/IDS/DLP, authentication protocols like SAML/LDAP.
• Strong background on Security Incident lifecycle and Incident response framework.
• Experience with incident interpretation received from Cyber Security Operations Centre (SOC) and defining tasks required to deliver resolution. 
• Preferably some experience in developing and maintaining Vulnerability Management process and procedures – Qualys, CrowdStrike Falcon Spotlight, Tenable.
• Good understanding of SIEM and other infrastructure level technologies -Windows, Linux, VMware, Azure, AWS and O365.
  
   

What we offer

As part of a truly global company, you will have the ability to grow and learn in a diverse, collaborative culture. We foster relationships and learning through connected global and local teams, promote flexible and diverse career paths and support the development of your knowledge and skills.  You will be paid a competitive salary, learn from talented individuals across multiple disciplines and be able to thrive in a safe workplace within a collaborative culture. Ignite your career at a place where your distinct potential can find its home.

 

We respect and value all

Orica promotes and fosters a culture of inclusion and Equal Opportunity Employment everywhere we operate. We treat our people and applicants with fairness, dignity, and respect, getting the best of everyone’s contributions.  All qualified applicants will receive consideration for employment without regard to race, religion, sexual orientation, gender perception or identity, nationality, military, or veteran.

At Orica, it is the power of our people that leads change and shapes our futures.

Every day, all around the world, our people help mobilise vital resources essential to progress. Established in 1874, we have grown to become the world leader in mining and civil blasting with a diverse of team of more than 13,000 across the world.

It is an exciting time to join us – we are shaping the future of mining through digital and automated technologies, embracing new ways of thinking, pioneering innovation, and reimagining the way we work.

At Orica, it is the power of our people that leads change and shapes our futures.

Every day, all around the world, our people help mobilise vital resources essential to progress. Established in 1874, we have grown to become the world leader in mining and civil blasting with a diverse of team of more than 13,000 across the world.

It is an exciting time to join us – we are shaping the future of mining through digital and automated technologies, embracing new ways of thinking, pioneering innovation, and reimagining the way we work.

Don’t provide your bank or credit card details when applying for jobs.

Researching careers? Find all the information and tips you need on career advice.