The Security Administrator ensures the availability and reliability of any equipment, solutions, or platforms of ORIX Metro Leasing and Finance Corporation categorized as perimeter, network, and endpoint security components, not limited to firewalls, web application firewalls, intrusion detection and prevention systems, and antivirus or antimalware (EDR/XDR), including administration of the server operating systems where these services are running. In the absence of the network administrator, the Security Administrator also ensures the availability and reliability of any equipment, solutions, or platforms categorized as network equipment, not limited to switches, routers, and gateway devices.

Duties and Responsibilities:
- Adheres to the organization's policies, procedures, and standards.
- Creates, implements, and reviews plans following the organization's goals and objectives.
- Participates in technical research and development to enable continuing innovation.
- Reviews, identifies, and recommends enhancements to policies, procedures, and standards with other groups in the organization following best practices or existing frameworks, not limited to disaster recovery and incident response plans.
- Participates in creating and reviewing disaster recovery and incident response plans, including testing and execution.
- Participates in tabletop, simulation, and actual exercises for disaster recovery and incident response plans.
- Assists the department head in conducting a self-risk assessment to determine the controls or response required to lower the impact, when realized, to the acceptable level set by senior management.
- Performs asset discovery, identification of assets, risk and vulnerability assessment, and reporting.
- Identifies and creates procedures to remediate an asset's weaknesses following the configuration and change process.
- Reviews plans and activities to be conducted by the Information Technology Data Center and User's Operations Department if changes impact the infrastructure's availability, reliability, and integrity.
- Adheres to change management policies and procedures to lessen configuration mistakes that could lead to operational disruptions.
- Reviews and creates actionable items according to the observations provided by internal or external audit and the Information Security Office that affect non-production and production environments.
- Reviews and reports activities that resulted in an incident affecting availability or a breach of data confidentiality and integrity.
- Guides and supports the Information Technology Data Center and User's Operations Department and the Information Security Office in containing and eradicating threats during a security incident.
- Coordinates and guides stakeholders on project deliverables to ensure statuses are up to date and tasks are correctly followed on systems affecting the information technology-enabled services.
- Consults and informs the immediate superior regarding enhancements or project activities that require his/her attention, related to but not limited to incidents, problems, resources, or any information that requires the manager's attention.
- Manages vendors' day-to-day activities in supporting the organization's operations.
- Conducts capacity management to ensure the availability and reliability of IT infrastructure.
- Manages server operating systems where security tools and services are running for him/her to perform his/her day-to-day tasks or deliverables.
- Monitors resources and user activities to ensure that access by employees, devices, or equipment is in accordance with the duration or allowable timeframe, specifically for staff from the Information Communication and Technology Division (ICTD).

- Graduated with a BS in IT / Computer Engineering / ECE / Computer Science
- At least 4 years of experience in the organization with a large 24/7, mission-critical operations environment supporting enterprise systems
- At least 2 years of experience as a security engineer or administrator
- At least 1 year of experience as a security analyst
- At least 1 year of experience as a support or desktop engineer

Skill Competencies and Personal Attributes:
- Knowledge of Windows and Linux Operating System Administration
- Team player and process-oriented, able to work under pressure, with knowledge of firewalls, web application firewalls, and endpoint security, including intrusion detection/prevention systems.
- Being certified in information security or related fields is a plus.

Job Types: Full-time, Permanent
Benefits:
Life insurance
Schedule: Monday to Friday
Supplemental pay types:
Education:
* Bachelor's (Preferred)