northbay

Secop Engineer

Company

northbay

Role

Secop Engineer

Location

Karachi, Sindh

Job type

Full-time

Found on Mokaru

2 weeks ago

Salary

Not disclosed by employer

Job description

Objectives

The key objectives of this engagement are to:

  • Augment Client’s Security Operations with experienced L1, L2, and L3/L4 resources
  • Ensure uninterrupted 24x7 operational support for infrastructure security platforms
  • Improve turnaround time for BAU security requests and operational tasks
  • Support proactive security operations through structured preventive maintenance
  • Ensure consistent MIS reporting and operational visibility
  • Maintain strict adherence to Client’s governance, compliance, and ITSM processes

Scope of Services

3.1 Service Model & Coverage

  • 24x7 operational coverage, including shift‑based coverage and on‑call support
  • Resources will operate under Client‑defined processes, tools, and controls
  • Vendor will provide staffing, backfill, and continuity of service
  • All operational priorities, approvals, and SLAs are governed by Client

3.2 Team Composition (Total: 10 Resources)

| Role | Quantity | Primary Focus |
|---|---|---|
| L1 Security Analyst | 3 | Triage and fulfill BAU tasks, ticket handling, basic troubleshooting, standard changes, log monitoring and reporting, documentation, and common mailbox monitoring. |
| L2 Security Engineer | 5 | Advanced BAU, troubleshooting, complex changes, RCA, audit evidence etc. |
| L3/L4 Security Engineer | 2 | Engineering, hardening, architecture support, policy review/design, complex troubleshooting, DR support, governance inputs. |

Note: Backfill must be provided for planned and unplanned leave to ensure uninterrupted coverage.

Roles & Responsibilities

4.1 Core BAU Security Operations

Vendor resources shall support Client teams in activities including, but not limited to, the following:

  • Firewall policy and ACL implementation and troubleshooting
  • WAF / IPS / Guardium Management
  • VPN / MFA / token administration
  • Website and proxy whitelisting
  • Blocking indicators of compromise (IoCs)
  • Endpoint security administration (AV, EDR, DLP)
  • Security mailbox and queue monitoring
  • Configuration management for in‑scope security technologies
  • Support for audit, compliance, and evidence preparation
  • Participation in disaster recovery drills and readiness activities
  • Impact and root cause analysis
  • Adherence to standards and change management policies
  • Audit, security and regulatory compliance knowledge
  • Configuration management
  • Supporting BAU tasks
  • Daily backup & log monitoring
  • DR activities support
  • Preparing SOPs
  • Firewall rule review & audit support
  • Device baseline/hardening & vulnerability remediation coordination
  • Adherence to ITSM processes (Incident, Change, Problem) & SLAs

4.2 MIS Reporting (Mandatory Responsibility)

The vendor is responsible for producing accurate, timely, and complete MIS reports, aligned to Client formats and requirements. Reports include, but are not limited to:

  • Ticket volumes and status
  • BAU request metrics (ACLs, tokens, whitelisting, endpoint actions)
  • Preventive maintenance execution status
  • Risks, issues, and dependency tracking
  • Operational trends and observations

Qualifications

Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Experience:

  • L3/L4: 10+ years of experience in IT security operations
  • L2: 7-10 years of experience in IT security operations
  • L1: Minimum of 3 years of experience in IT security operations

Certifications: Relevant industry standard certifications such as CompTIA Security+, CheckPoint, Palo Alto, WAF etc.

Skills:

  • Strong knowledge of IT security operations practices
  • Proficiency in security solutions mentioned in Tech Stack
  • Excellent problem-solving and analytical skills
  • Strong communication and interpersonal skills

Preventive Maintenance Responsibilities

Vendor resources shall execute preventive maintenance activities under Client direction, with clear documentation and reporting.

5.1 Daily Activities

  • Health checks for in‑scope security platforms
  • Log and alert monitoring
  • Backup verification checks
  • Queue and mailbox monitoring
  • Daily operational checklist updates

5.2 Weekly Activities

  • Review of firewall rules and recent changes
  • Patch and signature status validation
  • Capacity and performance checks
  • Weekly MIS and operational summary

5.3 Bi‑Weekly Activities

  • Configuration drift checks
  • Review of recurring incidents and BAU trends
  • Validation of backup success and restore readiness

5.4 Monthly Activities

  • Preventive maintenance execution report
  • Firewall, endpoint, and security platform posture review
  • SLA and operational metrics reporting
  • Audit and compliance evidence preparation

5.5 Quarterly Activities

  • Security posture and hardening progress review
  • Firewall and policy optimization review
  • Trend analysis and improvement recommendations
  • Participation in quarterly governance reviews

5.6 Annual Activities

  • Annual disaster recovery exercise support
  • Annual backup and restore validation
  • Security baseline and hardening review
  • Support for internal and external audits

Technology Environment (Indicative)

Vendor resources must have hands‑on experience with technologies including, but not limited to:

  • Firewalls: Check Point, Palo Alto, Fortinet
  • Proxy / Web Security: Forcepoint, Zscaler
  • WAF / IPS / Guardium / DDOS
  • Endpoint Security: Trellix / McAfee, EDR, DLP
  • IPS / NGFW IPS platforms
  • Identity & Access: MFA / VPN token solutions
  • ITSM: BMC Helix (or equivalent)