Provides technical and AS400 security leadership to the project teams, including the AS400 platform and application teams to complete Security Monitoring projects.
Serves as a technical resource around AS400 systems engineering and cyber-security expert for the AS400 platform native security logs including DB2 database and other security utilities in AS400, perform documentation, analysis of functional and non-functional requirements, solution development, testing/verification and deployment & operationalisation (develop Security Use Cases and playbook).
Lead to develop AS400 security policies and map to existing Low Level Security standards – implement the require security controls to meet these standards and policies.
Participates in infrastructure, application & security operations planning, providing insight into the future of their area(s) of technology.
Receives performance data and analyzes the performance of installed technologies/security products. Proposes and implements any required changes (including any security configuration), identifying and planning and integration requirements (e.g. MQ, FTPS, TLS certificates, Splunk SIEM).
Ability to think independently, work and communicate with others at all levels, and make progress efficiently.
COMPETENCIES (KNOWLEDGE & SKILLS):
Expert hands-on knowledge of IBM AS400 Security covering platform, database and application security design, implementation & configuration and monitoring.
Technical IBM AS400 platform and development. A large amount of hands-on AS400 development experience is required. Familiarity of the other technologies mentioned is required. Candidate must have the capability to adapt and learn new concepts quickly and collaborate closely with the team.
Expert knowledge of the AS400 Operating System and Hardware.
Good working knowledge of Splunk SIEM.
Holds at least a bachelor's degree in Computer Engineer or other related fields of study
Has at least 10 - 15 years of relevant working experience and Cyber Security certification (e.g. CEH, CISSP, CISM) will be added advantage.
Proven hands - on experience in the following areas: ( not mandate)
Security Operations/ Incident Response/Security Monitoring
Knowledge and experience in platform and database monitoring tools (i.e Imperva SecureSphere) is value added
Requires knowledge and experience in multiple disciplines within the AS400 domain, cybersecurity and excellent analytical skills
Uses best practices and understanding of internal and/or external business issues to improve service.