- Monitoring security log sources and alerts from the SIEM and other threat detection systems for threat activity; interpreting and analysing findings and making recommendations for resolution.
- Handling security incidents in line with the incident response processes.
- Producing security incident reports and recommendations.
- Following, maintaining and helping to evolve the SOC processes and procedures, including detection use cases, SOPs, etc.
- Hunting for potential internal and external threats and developing detection mechanisms and reports.
- Providing security advice and promoting security awareness to other IT teams and clients.
- Helping to produce threat intelligence and IoCs by leveraging threat information from past incidents, sandbox reports, malware reversing and digital forensics.
- Diploma / Degree in Computer Science, Data Communications, Engineering or equivalent.
- Experience working within a mature SOC organisation or in an equivalent security environment.
- Experience in using SIEM technologies, endpoint protection, IDS and other security technologies.
- Technical expertise in multiple security technologies, including security incident handling experience, would be an advantage.
- Experience in the pen testing/ethical hacking field is a plus.
- Strong knowledge of vulnerabilities, CVEs, 0-days and their potential impact.
- Good knowledge of threat intelligence data, IoCs, threat actors, the kill chain, STIX/TAXII, etc.
- Staying continually informed about the worldwide security landscape: new threats, actors and attacks du jour, as well as new security technologies and products.
- Ability to balance the priority of enabling the business against security incident mitigation/containment and its possible impact on the production environment.
- Solid understanding of system and application logs from a variety of platforms: firewalls, domain controllers, IDS, etc.
- Skills in network analysis, sandboxing, malware reversing or forensics are an asset.
- High level of analytical and problem-solving skills.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
Highly advantageous for the following:
- Experience with IT compliance assessments (ISO 27000 etc.).
- Certified Information Systems Auditor (CISA)
- Global Information Assurance Certifications (GIAC) e.g. Certified Incident Handler (GCIH), Certified Intrusion Analyst (GCIA), Certified Enterprise Defender (GCED) or other relevant GIAC certifications.
- Working location: East area
- Interested candidates must be open to supporting staggered shift hours (no overnight shift) and weekend support.
To apply, please visit www.gmprecruit.com and search for Job Reference: 18834
To learn more about this opportunity, please contact Yingying at email@example.com
We regret that only shortlisted candidates will be notified.
GMP Technologies (S) Pte Ltd | EA Licence: 11C3793 | EA Personnel: Lai Yingying | Registration No: R1110239