We have an exciting opportunity for a Security Operations Analyst L2 to join us in Hong Kong
Triaging, investigating and management of ongoing Cyber Security Incidents.
Day to day management of the NDR, EDR and SOAR platform
Support in the creation of operational documents such as- use cases, play / run books
and training materials) on incident response, and ensures regular updating of these
Support in the creation of various metrics, reporting, review of incident progress and
Support Regional Security Operations to ensure the Security posture of business units
are under proper measure, monitor and manage.
SOC Incident response
Support the SOC Manager on incident management and remediation.
Report on incidents
Assist on developing new ideas on how to improve the security operations, creates
technical procedures, handling guidelines and playbooks.
Where appropriate working with the global SOC responding and resolving events
generated by the SIEM
Forensics and Malware
Conduct Forensic investigations to facilitate such things as root cause analysis,
evidence of malicious insider and data breaches.
Investigate Malicious files and package to ensure RCA, and be able to provide those findings to the relevant stakeholders to further secure our environment
Security Projects & Deployments
Supports in the implementation of the SOC, its security tooling and the resourcing.
Supports other projects at the discretion of the Senior Manager Cyber Security Operations.
Degree holder in Computer Science or related disciplines, or appropriate
GIAC Cyber Security Cert or CISSP qualification is a big plus.
At least 3-5 years experiences in Information Security
Proficient in utilising Splunk within a SOC and Incident Response environment.
Experienced with Endpoint / Network Detection and Response, preferably
Crowdstrike and Vectra.
A sound understanding and working experience of Security Orchestration and
Response tooling, preferably Cortex XSOAR.
Hands on Cyber security incident management within a SOC environment.
Strong problem-solving skills and fast learner.
Solid experiences on Information Security Management System and IT Service
Liaison skill & teamwork, passion & commitment mentality
Good interpersonal and communication skills.
Fluent in spoken and written English
A sound understanding and knowledge of using Splunk in a SOC environment.
Broad knowledge of cyber security concepts including antivirus and malware
protection, vulnerabilities, web and application security.
Solid support experiences of enterprise security tools such as Enterprise Anti-virus,
Vulnerability Management, EDR, SIEM, SOAR and other supporting tools.
Well experienced in security incident handling.
Experience in various ticketing tools.