Cyber Security Operations Analyst – L2
Capgemini
Hong Kong
2 days ago

We have an exciting opportunity for a Security Operations Analyst L2 to join us in Hong Kong

Daily Operations

  • Triaging, investigating and managing ongoing Cyber Security Incidents.
  • Day-to-day management of the NDR, EDR and SOAR platforms.
  • Support in the creation of operational documents (such as use cases, play / run books and training materials) on incident response, and ensure these documents are regularly updated.
  • Support in the creation of various metrics, reporting, review of incident progress and compliance status.
  • Support Regional Security Operations to ensure the security posture of business units is properly measured, monitored and managed.

SOC Incident Response

  • Support the SOC Manager on incident management and remediation.
  • Manage incidents.
  • Report on incidents.
  • Assist in developing new ideas on how to improve security operations; create technical procedures, handling guidelines and playbooks.
  • Where appropriate, work with the global SOC to respond to and resolve events generated by the SIEM.

Forensics and Malware

  • Conduct forensic investigations to facilitate root cause analysis and to establish evidence of malicious insiders and data breaches.
  • Investigate malicious files and packages to ensure root cause analysis (RCA), and provide those findings to the relevant stakeholders to further secure our environment.

Security Projects & Deployments

  • Support the implementation of the SOC, its security tooling and its resourcing.
  • Support other projects at the discretion of the Senior Manager, Cyber Security Operations.
Person Specification

  • Degree holder in Computer Science or a related discipline, or appropriate extensive experience.
  • GIAC Cyber Security certification or CISSP qualification is a big plus.
  • At least 3-5 years of experience in Information Security.
  • Proficient in utilising Splunk within a SOC and Incident Response environment.
  • Experienced with Endpoint / Network Detection and Response, preferably CrowdStrike and Vectra.
  • A sound understanding and working experience of Security Orchestration and Response tooling, preferably Cortex XSOAR.
  • Hands-on cyber security incident management within a SOC environment.
  • Strong problem-solving skills and a fast learner.
  • Solid experience with Information Security Management Systems and IT Service Management.
  • Liaison skills and teamwork, with a passion and commitment mentality.
  • Good interpersonal and communication skills.
  • Fluent in spoken and written English.

Technical Requirements

  • A sound understanding and knowledge of using Splunk in a SOC environment.
  • Broad knowledge of cyber security concepts including antivirus and malware protection, vulnerabilities, and web and application security.
  • Solid support experience with enterprise security tools such as enterprise anti-virus, Vulnerability Management, EDR, SIEM, SOAR and other supporting tools.
  • Well experienced in security incident handling.
  • Experience with various ticketing tools.