Manager/Senior Officer, Security Operations Centre Analyst, Information Security
The Security Operations Centre (SOC) is seeking an enthusiastic, passionate and technically strong Cyber Security Analyst. The successful candidate will have experience in incident triage, security threat monitoring and security compliance monitoring, and will be familiar with SOC processes and the SOC environment. The analyst will work in a 24x7x365 shift environment and will respond to security incidents in an intelligence-driven SOC.
- The analyst will be responsible for daily real-time monitoring and analysis of security events from multiple sources.
- Triage security incidents (malware infections, unauthorized access, malicious emails, phishing, Distributed Denial of Service (DDoS) attacks, etc.)
- Analyze cyber threats using deep packet inspection.
- Detect threats by analyzing large sets of logs from security and network devices, operating systems, databases, web servers/applications, etc.
- Enhance and build cyber threat detection use cases and assist in analyzing and reducing false positives.
- Identify infections/compromises in the company using threat intelligence and indicators of compromise (IOCs) from different threat intel sources and regulators.
- Identify, classify and prioritize incidents.
- Assist in incident response for detected/reported cyber security incidents.
- Generate security reporting and metrics as required.
- Perform daily checks of system health status.
- Stay current on the latest cyber threats, attacks and vulnerabilities.
- ITC/Diploma/Degree in Computer Science / IT Security from a recognized educational institution.
- Professional security-related qualifications (e.g. SANS GCIA, GSEC, GCIH) are favourable although not mandatory.
- Minimum 3 to 5 years of relevant experience in a similar capacity; candidates without relevant industry experience but with a strong passion for and a proven track record of learning/exploring cyber security may also apply.
- Strong understanding of networking, operating system and cyber security concepts.
- Good understanding of cyber security: the cyber kill chain, TTPs, threat intelligence, malware triage.
- Good understanding of different attacks on systems, networks and applications.
- Good knowledge of Internet infrastructure, networking technology and network security (e.g. DNS, DHCP and TCP/IP protocols; firewalls, WAFs, IDS, IPS and VPNs) and of advanced persistent threats (APTs).
- Malware triage and analysis capability is an advantage.
- Working experience with a major SIEM is an advantage.
- Experience analyzing logs from different sources (e.g. security devices, operating systems, network devices, databases, and application/web servers) to detect cyber threats.
- Good written and verbal communication skills
- Process and procedure adherence
- Strong analytical and problem-solving skills
- Work in a rotational 24/7 SOC environment
United Overseas Bank Ltd (UOB)