Principal Job Functions
1. Monitor developing cybersecurity events around the world, and escalate to L2 team if relevant events are observed
2. Performs monitoring, risk assessment and analysis on security tools such as Anomaly Detection systems, Firewalls, Antivirus systems, Proxy devices
3. Follow pre-defined actions to handle security alerts including escalating to L2 team and other support groups
4. Execute daily ad-hoc tasks or lead small projects as needed
5. Participate in daily and ad-hoc documentation related tasks
6. Create and maintain operational reports for Key Performance Indicators and weekly and Monthly Metrics
7. Perform assessment phase of Vulnerability & Threat Management process
8. Receive threat intelligence from feeds the Group subscribed to and update to Threat Intel knowledge base
9. Be ready to support any security incident response investigation in the Group regardless of location and environment
10. Work closely with Team Lead to review, provide feedback and take actions to improve the methodology use in the Security Operations
11. Responsible to ensure all tickets logged are closed correctly and timely
12. Ensure timely submission of routine reports on threats, vulnerabilities and incidents handled by the Security Operations Center
13. Keep the Security Operations Center runbooks and procedures updated
Recommended prerequisites:
1. 1+ years working in security operations, preferably with incident management experience
3. Familiar with security products and network devices
4. Extensive technical experience with network security practices including Intranet, Extranet and Internet access
5. Technical experience with UNIX, AIX, Linux, Windows
6. Knowledge of TCP/IP, DNS, web, wireless security architectures and enterprise-grade security solutions
7. Knowledge of encryption and authentication methods such as 2FA, DES/AES/RSA, Digital Certificates, SSL/TLS, IPSec and development of DMZ’s
8. Knowledge of intrusion detection (deep TCP/IP knowledge, and cybersecurity), various operating systems (Windows/UNIX), and web technologies (especially internet security)
9. Able to read and understand packet level data, handle Network/Host Security products (NIDS/NIPS, firewalls, HIPS, AV, scanners, etc.) and understand security events from these tools
10. Able to perform vulnerability assessment and manage such tools/processes, as well as application penetration testing or forensic analysis fields
Note: 24*7 Shift work required (working in 3 rotational shifts)
---------------------------
Please refer to U3’s Privacy Notice for Job Applicants/Seekers at https://u3infotech.com/privacy-notice-job-applicants/. When you apply, you voluntarily consent to the collection, use and disclosure of your personal data for recruitment/employment and related purposes.