Responsibilities
- Work shifts in a 24×7 IT Security Operations Centre (SOC) environment
- Identify, quantify and track cyber security incidents
- Triage and manage information security events, including participation in security incident management where necessary
- Respond to inbound Change Requests (CRs), Service Requests (SRs) and queries related to incident management
- Provide Incident Response (IR) support when analysis confirms an actionable incident
- Administer and audit privileged system access
- Provide threat and vulnerability analysis as well as security advisory services
- Analyze and respond to newly disclosed software and hardware vulnerabilities
- Investigate, document and report on information security issues and emerging trends
- Share information and coordinate with analysts on other shifts
- Assist L1 SOC analysts in developing and improving their cyber security skills
- Assist Team Leads with reporting, projects and the monthly SOC reports for the respective projects
- Review the SOC Analyst ticket queue and close or reassign tickets as needed
- Maintain and track all information security documentation so that it remains relevant, appropriate and up to date
- Handle incoming SOC phone calls and triage calls that are not related to monitoring
- Create daily shift handoff notes and summaries and send them to all shifts
- Other duties as assigned by Team Leads and/or the Operations Manager
- Float to cover various work schedules and perform monitoring duties as required
Projects
- Implement (new builds or migrations) security tools such as SIEM, firewalls, UEBA, endpoint protection and SOAR
- Configure and troubleshoot security infrastructure devices
- Integrate devices and develop content, including rules, reports, custom parsers and playbooks
- Prepare project documentation (design, administration guide, operations manual, UAT, etc.)
- Manage the fault rectification process and troubleshoot hardware and software problems using a range of diagnostic tools
- Perform periodic preventive maintenance on relevant equipment
- Support related projects, initiatives and security activities, such as the security awareness program and security incident response, together with the relevant teams
Requirements
- Diploma or Bachelor's degree
- 2+ years of experience in cyber security / SOC support
- Knowledge of networking (TCP/IP, switching and routing) and cyber security concepts
- Experience working with ITSM / Smart IT ticketing systems
- Experience with security systems including firewalls, intrusion detection systems, anti-virus software, endpoint security and vulnerability management software
- Knowledge of frameworks such as the Cyber Kill Chain and adversary Tactics, Techniques and Procedures (TTPs)
- Ability to work under pressure with tight deadlines, prioritize projects and tasks, and maintain focus in a dynamic environment
Preferred Qualifications
- Diploma / Associate Degree in Computer Information Systems
- CompTIA Network+ / Security+ certification
- Certified SOC Analyst certification
- Other IT security qualifications from recognised organisations
- Experience with QRadar, Splunk or any other major SIEM or SOAR platform is desirable
- Exposure to working with an MSSP is an advantage