Our European client is an innovative, independent provider of tailored cyber and media security solutions to enterprises and public sector institutions. Their team of security experts delivers end-to-end consulting, technology, managed services, and threat intelligence to help organizations build and run successful security programs.
There is a new role available in the Singapore office.
Security Operations Engineer (client facing)
If you:
• Are passionate about cybersecurity and are constantly developing your knowledge
• Are customer oriented and highly motivated by providing excellent client satisfaction
• Are at ease in a fast-paced environment and able to get out of your comfort zone
• Are a self-driven technology professional familiar with Security Operations
This position could be for you.
Your responsibilities will cover the following:
• Threat Monitoring
o Be the Cyber Fusion Center's main point of contact on the client's side
o Support standard Cyber Fusion Center activities (threat monitoring, security device management, Endpoint Detection and Response, vulnerability scanning services)
o Investigate and remediate incidents escalated by the Cyber Fusion Center or by the client's internal units
o Write client-specific incident response playbooks
o Define, test and deploy client-specific detection use cases and correlation rules, and perform threat hunting and threat intelligence activities for the client
o Support large scale incident response activities
• Service improvement
o Perform rules tuning of client SIEM in operation
o Support the rules factory programme in improving the global detection rule set
o Qualify, analyze, and provide recommendations for new standard data source requests
o Support product teams in building new services that fit the Operations team's capabilities
o Contribute to client’s security projects
o Implement new tools or scripts to increase security operations’ efficiency
• General responsibilities
o Take responsibility for customer satisfaction and overall success of managed services.
o Recommend improvements to Standard Operating Procedures
o Propose enhancements to tools and workflows
o Document actions in tickets to effectively communicate information internally and to customers.
o Adhere to policies, procedures, and security best practices.
This role involves:
• Being able to integrate and build trust with the client’s team and to work in the client’s environment.
• Being at ease working with different teams internally and in the client’s environment
Your aim is to play an active role in giving clients the best possible experience of the company's Managed Detection and Response Service, helping them reduce their security visibility gaps and improve their security posture.
You are
• Passionate about Cybersecurity and oriented to provide excellent client satisfaction.
• Team player who is willing to work closely with our internal stakeholders to help them optimize their deliveries
• Transparent, and able to give and take constructive feedback in the interest of the team
• At ease with solving complex problems by seeking end-to-end and scalable solutions
• Dynamic, with strong interpersonal and communication skills
• Able to handle and prioritize parallel tasks with multiple interfaces
• Autonomous, self-taught, and willing to continuously develop new skills and knowledge
• Fluent in English
You have
• Minimum 3 years’ experience in information security, particularly in cyber operations
• Excellent client service skills
• Knowledge of incident response processes (detection, triage, incident analysis, remediation and reporting)
• Experience with one or more of the following technologies: EDR/NGAV, SIEM (in particular Splunk), Vulnerability Scanning, Managed Attacker Deception, SOAR
• Experience reviewing and analyzing log data and network packet captures
• Strong knowledge of Windows/Linux OS, network protocols, scripting languages
• Good knowledge in cyber security threats and tactics
• Good knowledge in Cloud and OT/ICS technologies
• An in-depth understanding of information security industry forces and trends
• An excellent knowledge of the security landscape and of the different security visibility solutions (SIEM-based visibility vs. EDR)
These would be a plus:
• CISSP/CCSP/OSCP/CEH/ITIL and other general security certifications
• Technical certifications on vendors' products, in particular Splunk
• Any other languages are an asset