%20PTE.%20LTD..png)
Job Description Summary
Our Security Solutions team works closely with other security engineers to deliver security solutions to the project for our customers. You will play a part in the team to research, design, architect and implement security solutions such as Endpoint Protection, Endpoint Detection and Response (EDR), SIEM, SOAR, Threat Intel Platform, etc.
If you are someone with a strong passion in security technologies and is a team player who strives in a team setting, we welcome your application!
Key Responsibilities
- Carry out implementation, maintenance, support and operation of the project's security solution platforms.
- Maintain understanding of the architecture and work with security team to understand the use case and playbooks to be created.
- Identity, evaluate and recommend new areas of improvements for the implementation.
- Perform day to day operational task, scheduled change requests, troubleshooting and maintenance of the implementation.
- Develop and maintain automation infrastructure for build and maintenance of security solutions
- Managing of security solutions, including patch management such security solutions.
- Support vulnerability assessments by reviewing and providing remediation to the security hardening of the security solutions.
- Involvement in improving and evolving workflow, processes and best practices to increase system maintenance efficiency and security standards.
- Sharing of knowledge through technical documentation, knowledge based articles and sharing sessions with fellow peers in the team.
- Collaborate with relevant parties and provide consultation as a Subject Matter Expert (SME) to deliver final project outcome
- Reviewing and finetuning firewall rules and IPS signatures for enhanced security controls
- Test and update Endpoint Protection and EDR signatures
- Extracting quarantined malware for reverse engineering
- Creating and maintaining EDR blacklist
- Onboarding new log sources to SIEM and Data Lake
- Crating and maintaining log parsers / data flow for onboarded logs
Requirements
- At least 3 years of experience in providing technical support and administration of the security solutions (Endpoint Protection, EDR, SIEM, SOAR, Threat Intel Platform, etc)
- Working experience in powershell, bash and/or python scripting
- Strong troubleshooting and analytical skills for resolving issues and delivering updates to stakeholders
- Basic project management skills
- Positive working attitude and a team player
- Passionate in information security and keen attitude to learn
- Professional certificates such as SIEM Certified Administrator, SIEM Certified Architect, SOAR Certified Administrator, equivalent or more.
- Professional training or certificates in Splunk, McAfee, Carbon Black, Anomali, RSA SecurID will be an added advantage
- Disciplines in Computer Science, Computer or Electronics Engineering, Information Technology or related qualifications
