About the role
You will join a high-performing, globally distributed team providing security monitoring and incident response to the organization through industry best practices, automation, and development with digital playbooks.
You will have opportunities to be further involved with other security functions such as engineering, cyber threat intelligence, and network security.
You will need passion, grit and an engineering mindset to succeed in this role. If you are motivated by this challenge, eager to stay at the forefront of technologies and to help develop our future ways of working with cloud services, this is the right position for you.
The position is located in Singapore and will report to the Head of Security Network Operations Centre.
What you will do
- Support security monitoring and incident response leveraging Security Orchestration Automation and Response (SOAR) platform
- Perform daily triage and analysis of alerts from partners, detection tools and custom detections.
- Be part of the incident response team as necessary.
- Contribute to detection engineering for research and creation of new alerts as well as improving alerts
- Respond to operational and security incidents, ensuring the containment, eradication and recovery of services when required
- Analyse attack attempts to understand adversaries
- Standby duties (on-call WFH) as required
What you need
- Bachelor's Degree in Computer Science or any related field
- Knowledge of security technologies and concepts including:
  - Public Cloud (AWS), EDR (Microsoft Defender for Endpoint), E-mail filtering and analysis (Office365 / Exchange Online), SIEM / Splunk Security Operations, Palo Alto Security Platform
- Knowledge of Incident Response, Traffic and Malware Analysis, Forensics, and analysis of security and infrastructure logs
- Understanding of computer network exploitation (CNE) and computer network defense (CND) concepts
- 2 years' experience in Security Operations or similar is good to have
- Experience with security automation and scripting including Azure DevOps, Ansible and Python
- Up-to-date security certifications (e.g. GIAC, AWS, MS SC-200, MS AZ-500, Palo Alto, Splunk)
Interested candidates may send in their resume and cover letter directly to [ Email address blocked ] (R1434374), stating the position as the subject title in the email.
Jireli Gem Mejia Cabria EA License No.: 02C3423 Personnel Registration No.: R1434374