Responsibility
• Responsible for continuous monitoring, tracking and closure of security events and requests from the managed SOC, systems and users.
• Work with the Incident Manager during incident response to minimise the impact of a security incident on our organisation.
• Responsible for enhancing and driving improvements to SOC detection and response playbooks, and for designing new security incident playbooks, processes and operational procedures, including communication with other teams, evidence collection and other documentation.
• Stay current with the latest cyber threats, attacks and vulnerabilities, and with evolving and emerging attack techniques and methods.
Requirements:
• Minimum of three (3) years of direct Information Security experience in a security engineer, architect, consultant or similar role, preferably with incident management experience in a SOC environment.
• Strong practical experience in cyber security: cyber kill chain, TTPs, threat intelligence, malware triage.
• Strong understanding of different attacks on systems, networks and applications.
• Strong knowledge of Internet infrastructure, networking technology and network security (e.g. DNS, DHCP, firewalls, WAF, IDS, IPS, VPN, APT and TCP/IP protocols); experience with Splunk preferred.
(This is a mandatory requirement; candidates who do not meet it should not apply.)
Mandatory Skills:
1. SIEM
2. Cyber kill chain
3. TTP
4. Threat intelligence
5. Malware triage.
6. SOC Analyst
7. Cybersecurity
8. IT Risk
9. Network Security
10. Splunk
Preferred Skills:
• CISSP, CEH
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Incident Handler (GCIH)
Work location: Singapore