Cyber Security Operations Analyst – L2

We have an exciting opportunity for a Security Operations Analyst – L2 to join us in Hong Kong

 

Key Responsibilities

Daily Operations

  • Triaging, investigating and management of ongoing Cyber Security Incidents.
  • Day to day management of the NDR, EDR and SOAR platform
  • Support in the creation of operational documents such as- use cases, play/run books
    and training materials) on incident response, and ensures regular updating of these
    documents.
  • Support in the creation of various metrics, reporting, review of incident progress and
    compliance status
  • Support Regional Security Operations to ensure the Security posture of business units
    are under proper measure, monitor and manage.

SOC Incident response

  • Support the SOC Manager on incident management and remediation.
  • Manage incidents
  • Report on incidents
  • Assist on developing new ideas on how to improve the security operations, creates
    technical procedures, handling guidelines and playbooks.
  • Where appropriate working with the global SOC responding and resolving events
    generated by the SIEM

 

Forensics and Malware

  • Conduct Forensic investigations to facilitate such things as root cause analysis,
    evidence of malicious insider and data breaches.
  • Investigate Malicious files and package to ensure RCA, and be able to provide those findings to the relevant stakeholders to further secure our environment

Security Projects & Deployments

  • Supports in the implementation of the SOC, its security tooling and the resourcing.
  • Supports other projects at the discretion of the Senior Manager Cyber Security Operations.

Person Specification

 

  • Degree holder in Computer Science or related disciplines, or appropriate
  • extensive experience.
  • GIAC Cyber Security Cert or CISSP qualification is a big plus.
  • At least 3-5 years experiences in Information Security
  • Proficient in utilising Splunk within a SOC and Incident Response environment.
  • Experienced with Endpoint/Network Detection and Response, preferably
  • Crowdstrike and Vectra.
  • A sound understanding and working experience of Security Orchestration and
  • Response tooling, preferably Cortex XSOAR.
  • Hands on Cyber security incident management within a SOC environment.
  • Strong problem-solving skills and fast learner.
  • Solid experiences on Information Security Management System and IT Service
  • management.
  • Liaison skill & teamwork, passion & commitment mentality
  • Good interpersonal and communication skills.
  • Fluent in spoken and written English

Technical Requirements

  • A sound understanding and knowledge of using Splunk in a SOC environment.
  • Broad knowledge of cyber security concepts including antivirus and malware
  • protection, vulnerabilities, web and application security.
  • Solid support experiences of enterprise security tools such as Enterprise Anti-virus,
  • Vulnerability Management, EDR, SIEM, SOAR and other supporting tools.
  • Well experienced in security incident handling.
  • Experience in various ticketing tools.

Ref:

657810

Posted on:

June 18, 2021

Experience level:

Experienced Professional

Contract type:

Permanent Full Time

Location:

Hong Kong

Business units:

Cloud Infrastructure Services

Department:

Cyber Security