Cyber Security Analyst
Principal Job Functions
- Review system and application activities to detect abnormalities base on provided criteria
- Monitor developing cybersecurity events around the world, and escalate to L2 team if relevant events are observed;
- Performs monitoring, assessment and analysis on security tools such as Anomaly Detection systems, Firewalls, Antivirus systems, Proxy devices
- Follow pre-defined actions to handle security alerts including escalating to L2 team and other support groups
- Execute daily adhoc tasks or lead small projects as needed
- Participate in daily and ad-hoc documentation related tasks
- Create and maintain operational reports for Key Performance Indicators and weekly and Monthly Metrics
- Perform assessment phase of Vulnerability & Threat Management process
- Receive threat intelligence from feeds the Group subscribed to and update to Threat Intel DB;
- Be ready to support any security incident response investigation in the Group regardless of location and environment;
- Work closely with Team Lead to review, provide feedback and take actions to improve the methodology use in the Security Operations;
- Responsible to ensure all tickets logged are closed correctly and timely;
- Ensure timely submission of routine reports on threats, vulnerabilities and incidents handled by the Security Operations Center;
- Keep the Security Operations Center runbooks and procedures updated.
- 3+ years working in security operations, preferably with incident management experience
- Experience in the Banking industry will be an advantage.
- Familiar with security products and network devices
- Extensive technical experience with network security practices including Intranet, Extranet and Internet access
- Technical experience with UNIX, AIX, Linux, Windows
- Knowledge of TCP/IP, DNS, web, wireless security architectures, technologies from Symantec, Mcafee, Cisco, Checkpoint, Netscreen
- Knowledge of encryption and authentication methods such as 2FA, DES, Digital Certificates, SSL, IPSec and development of DMZ’s
- Knowledge of intrusion detection (deep TCP/IP knowledge, and cybersecurity), various operating systems (Windows/UNIX), and web technologies (especially internet security).
- Able to read and understand packet level data, handle Network/Host Security products (NIDS/NIPS, firewalls, HIPS, AV, scanners, etc.) and understand security events from these tools.
- Able to perform vulnerability assessment and manage such tools/processes, as well as application penetration testing or forensic analysis fields.
- Certifications from EC-Council, GIAC, (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA].
- Be performance oriented; always try to excel past achievements
- Able to work under pressure during critical situations
- Able to work in a collaborative manner with peers
- Can communicate effectively with peers in discussions/meetings
EA License No. - 14C6941
Infinite Computer Solutions Pte. Ltd.