网络高级工程师

Job Summary:

The Security Operations Specialist will be responsible for supporting daily IT security operation including identity access management, change and configuration management, performing user acceptance testing (UAT) for new applications, handling privileged account review with maker-checker support, and ensuring compliance with internal policies and external regulatory requirements (e.g., CRAF, PCI). This role requires close coordination with cross‑functional teams, including IT helpdesk, change management governance, and privileged access administration.

The ideal candidate will be detail‑oriented, proactive, and capable of managing multiple tasks in a fast‑paced environment, with a strong understanding of IT security operations and change management processes.

Key Responsibilities:

Security Operations & Monitoring

• Support identity access management including account provisioning, recertification and departure.
• Perform User Acceptance Testing (UAT) for new applications (Maker / Checker processes).
• Monitor security reports, access and audit log via SIEM and investigate exceptions.
• Support privileged account provisioning and privileged access management
• Handle leaver cases, ensuring timely deactivation of accounts and revocation of access.
• Maintain VPN monitoring, status tracking, and exception reporting.
• Conduct account reviews during compliance checks (e.g., CRAF, PCI).
•  

Change Management & Compliance

• Review submitted Change Request (CR) forms for completeness, accuracy, and policy compliance.
• Coordinate and obtain approvals for standard, expedited, and emergency CRs, ensuring proper documentation, justification, and post‑implementation review.
• Prepare and distribute CAB (Change Advisory Board) meeting materials, capture decisions, and track follow‑up actions.
• Prepare change management reports for governance and audit purposes.
• Conduct change management reviews during compliance checks (e.g., CRAF, PCI).

Education Requirements:

• Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
• Relevant professional certifications are a plus (e.g., ITIL Foundation, etc.).

Experience Requirements:

• Minimum 2 years’ experience in IT security operations and IT service management.
• Hands‑on experience with privileged identity management (e.g. CyberArk PIM) and privileged access management tools (e.g. CyberArk PAM).
• Experience in access log or audit log searching or investigation via SIEM
• Experience in compliance frameworks such as PCI DSS, CRAF, or equivalent is preferred.
• Strong coordination skills for cross‑departmental meetings and approval workflows.
• Experience in change management or service management tools like service now, Jira service management is preferred
• Experience in configuration management tools like CMDB, BMC, Helix is preferred

Skills & Competencies:

• Understanding of IT security principles and best practices.
• Knowledge of ITIL processes (Change Management, Incident Management, Service Request Management).
• Strong organizational and documentation skills.
• Proficient in Microsoft 365 and reporting tools.
• Ability to manage multiple priorities under tight deadlines.
• Excellent communication and stakeholder management skills.