EQ SEC OPS




A few things we’re great at







Web application firewall


1. Collaborating with the Silverline SOC team.

2. Responsible for the migration of Applications from On-Prem WAF to Silverline Cloud WAF.

3. Providing support to the Applications behind the WAF for the App teams.

4. Performing BAU WAF tasks daily.

5. Creation and implementation of custom alerting dashboards in SIEM for investigations.

6. Regularly ensuring the adoption and maintenance of security-related policies.

7. Developing advanced alerts/reports to meet the requirements of key stakeholders.

8. Developing automation for security tools management and workflow integration.

9. Collaborating with key stakeholders within Information Security and Engineering teams to develop specific use cases to address distinct business needs.

10. Responding to WAF events and developing incident response plans.

11. Developing and maintaining response plans, working towards the improvement of established incident response procedures.





DDoS


1. Reporting the DDoS to the Network team with enough sample packets and reports.

2. Established a DDoS run book.

3. Network engineering log analysis, implementation, and log analysis report generation, and coordinating with the network team to remediate.

4. Working with EQ internal & external teams to develop a DDoS prevention plan based on a thorough security assessment.

5. Working with EQ internal & external teams to develop advanced intrusion prevention and threat management systems. This combines firewalls, VPN, anti-spam, content filtering, load balancing, and other layers of DDoS defense techniques.

6. Working closely with the EQ teams to develop strong security practices that can keep business networks from being compromised.





Symantec EPP


1. Troubleshooting Symantec EPP agent issues on workstations and servers.

2. Troubleshooting issues with Symantec EPP firewall policies.

3. Creating, updating, and maintaining firewall policies for SEP groups per new business needs.

4. Providing support for upgrades to the Symantec EPP SW.





Detack (Enforcer)


1. Ensuring that all Domains, Windows, and Linux servers are provisioned for password enforcement. This is implemented when servers are commissioned or decommissioned and when new domains are created.

2. Working on deployment issues and resolving them.

3. Supporting and maintaining Detack enforcer infrastructure.

4. Working closely with the Equitable security team to keep password policies updated as needed.





PKI


1. Handles endpoint-facing infrastructure (GPO for Autoenrollment; WiFi/NDS support; PKI CRL maintenance; Root CA operations; certificate template creation and review).

2. Handles server-side and domain-level maintenance as well as Root CA operations and certificate template creation and review.

3. Certificate template creation and review/approvals.

4. Fulfill Certificate Requests.

5. Perform certificate registration, revocation, and re-keying.

6. Manage and track expiring certificates.

7. Ensure certificate renewals and communicate any impact accordingly.

8. Timely publication of certificate status information.





SOX Reporting


1. Fulfilling SOX ticket requests.

2. Generating cyclic and ad hoc reports as needed.

3. Re-certification compliance of SOX activities.





IPS/IDS


1. Providing tool updates or process updates as needed.