Key Responsibilities
- Carry out implementation, maintenance, support and operation of the project's security monitoring use cases and automation playbooks.
- Maintain understanding of the architecture and work with security team to understand the use case and playbooks to be created.
- Identify, evaluate and recommend new areas of improvement for the implementation.
- Perform day-to-day operational tasks, scheduled change requests, troubleshooting and maintenance of the implementation.
- Create, fine-tune and maintain SIEM data sources, use cases, correlation rules and security alert classifications
- Create, fine-tune and maintain SOAR playbooks
- Create and maintain UEBA use cases
Requirements
- At least 3 years of experience in security operations in a SOC environment
- At least 2 years of experience in creating, fine-tuning and maintaining correlation rules and playbooks
- Working experience in PowerShell, Bash and/or Python scripting
- Strong troubleshooting and analytical skills for resolving issues and delivering updates to stakeholders
- Basic project management skills
- Positive working attitude and a team player
- Passionate about information security and keen to learn
- Professional certificates such as AWS Certified SysOps Administrator Associate, Microsoft Azure Administrator Associate, GCP Associate Cloud Engineer, or equivalent or higher.
- Degree in Computer Science, Computer or Electronics Engineering, Information Technology or a related qualification
- Professional certificates such as SANS (e.g. GCDA, GCIA, GDSA, GMON) would be an advantage