Responsibilities: -
- 24 x 7 triage, short-turn analysis of real-time security alerts & generate tickets, or escalation to L2 Security Analysts that are not in the Automation Runbook.
- 24 x 7 escalation to resolver upon receiving automated generated incident tickets on the health of SOCaS infrastructure, IT/OT managed security devices, or from the website defacement restorer activation alert.
- 24 x 7 manage problems till closure which include:
- Ensure that Service Level Agreements are met.
- Liaising with customers with regards to information security incidents
- Provision and performance of remedial actions to enhance customers' network security posture
Requirements:
- Fresh graduate/1 year working experience in IT Infrastructure Operation and/or Support.
- Willing to work with 24/7 shift pattern that includes weekend work.
- Sound fundamental knowledge on Internet technologies, such as TCP/IP, HTTP, SSL, DNS, OWASP Top10 and web servers (e.g. Apache, IIS, Nginx, etc.).
- Understanding of firewalls, endpoint detection and response (EDR), IDS/IPS, WAF, etc.
Desired Qualifications:
- Bachelor’s degree / Polytechnic Diploma in Computer Science, Information Technology or Information System.
- Experience in scripting (e.g. shell scripting, Macro, PHP, Perl, Java, etc.) and/or Regular Expression.
- Experience with TCP/IP packet analysis / network debugging with tcp dump or similar.
- Experience with web security concepts and technologies such as web application firewall, proxy.
- Experience general security technologies, processes, and concepts.
- Industry recognized security certifications (GCIA/GCIH, CISSP, CISA, CEH, etc.).
- Experience writing/decoding exploit, vulnerability, and attack detection signatures.
- Experience working with a SOC team is an advantage.
