- Good knowledge of IT security controls and patch management, and involvement in the operations of enterprise ICT infrastructure.
- Working experience with SIEM, EDR, WAF, DAM, IPS/IDS and anti-malware systems, including their fine-tuning and whitelisting.
- Experience in use case creation, log source enablement for SIEM and automation with SOAR.
- Threat Hunting and spoofed email analysis.
- Experienced with security practices of Internet, Intranet, WAN and Cloud networks.
- Good knowledge of network and architecture fundamentals and Windows/Linux OS fundamentals, e.g. IP addressing, AD, DNS, DHCP, IIS, MSSQL and SFTP.
Knowledge in the following areas will be an added advantage:
- Must have working experience in security operations centre, ICT project implementations and support.
- Must have hands-on practical experience in configuring and monitoring security systems including SIEM, EDR, WAF, DAM, Anti-malware, Log Management System, Intrusion prevention/detection systems, security patch management and security incident response.
- Experience in IM8 compliance or other cyber security frameworks, e.g. NIST, ISO 27001, CIS. Experience in Windows/Linux hardening. Security testing knowledge or certification for vulnerability assessment, penetration testing and source code review will be a strong advantage.