Job Description
- Conduct risk assessment of the infrastructure to help identify security risks, and determine appropriate controls to mitigate risks.
- Monitor and manage security incident response activities and detection alerts, and remediate security vulnerabilities. This includes conducting in-depth root cause analysis by identifying and investigating issues, collaborating with other teams to assess their impact on the business, and implementing appropriate remediation and mitigation measures.
- Develop and implement initiatives that strengthen the information security team's ability to address and mitigate security incidents.
- Continuously improve the internal security detection system by actively analyzing internal incidents and threat intelligence data.
- Provide comprehensive support for special security or regulatory driven projects throughout the lifecycle.
Requirements
- Bachelor’s degree or higher in Computer Science, Information Technology, Programming & Systems Analysis, Engineering, or other related fields
- At least 5 years of relevant experience in security operations, incident response, or malware analysis
- Proven ability to analyze event and system logs and to perform packet and forensic analysis, with at least 1 year of experience supporting intrusion investigations.
- Experience with and the ability to autonomously lead incident investigations
- Proficient knowledge of security best practices and key security technologies such as SIEM, IDS, etc.
- Experience with Linux and Windows administration, including system authentication, patch deployment, system configuration and security controls
- Hands-on experience with security automation, including the creation and execution of alert response runbooks, is advantageous
- Proficiency in scripting languages such as Python, PowerShell, and bash for security-related tasks is a plus
- Experience with regulatory compliance is a plus