About the role
The position is part of our SOC team and is responsible for real-time security event monitoring and security incident investigation.
Responsibilities:
- Continuously monitor the security alert queue, perform initial triage to identify false positives, and initiate escalations as necessary.
- Monitor the health of security sensors and managed infrastructure, and provide the necessary support, including onsite troubleshooting, root cause analysis and incident reports.
- Manage the ticket queue and take ownership of assigned tickets within the agreed SLA.
- Collect the data, evidence and context necessary for Level 2 escalation.
- Work closely with the Level 2 and Level 3 teams on continuous improvement of the service.
- Ensure that daily operations and tasks are properly completed or followed up.
- Escalate issues and liaise with subject matter experts as required to resolve issues.
- Support after-office-hours activities and standby requirements as necessary.
- Prepare scheduled and ad-hoc reports and documentation.
Candidate requirements:
- Diploma/Degree in Computer Science/Computer Engineering/Information Engineering/Cybersecurity or equivalent.
- At least 2 years of hands-on experience with security solutions and tools such as firewalls, proxies, EDR, PAM, IDS/IPS, SIEM, DLP, CASB, etc.
- Basic understanding of common networking protocols and system infrastructure.
- Strong analytical, problem solving and interpersonal skills.
- Keen interest in the cyber security domain and in developing skills in new technologies.
- Proficiency in one or more general-purpose programming languages (e.g. Perl, Python, PHP, shell, .NET or Java) is a plus.
- Ability to work independently under general guidance.
- Willingness to provide support after office hours and on weekends/public holidays.
- Candidates with working experience and knowledge of system infrastructure and an interest in exploring security products are also welcome to apply.
- Leadership roles are available for engineers with relevant experience in the cybersecurity domain.