Conduct thorough assessments of security threats and vulnerabilities, analyzing potential risks to the organization's information systems and networks.
Lead incident response efforts (incident response team), including monitoring, identifying, analyzing, containing, and mitigating security breaches (24x7). Develop and implement cyber incident response plans and cyber incident playbooks for responding to cyber incidents, ensuring an effective and timely response.
Lead SOC teams and other stakeholders in threat hunting, threat intelligence, analysis, and investigation of cyber incidents.
Oversee security monitoring tools and systems (SOC 24x7) to detect and respond to security incidents in real time.
Monitor access to information systems, stay informed, and escalate all suspicious activity and alerts taking place within the networks.
Lead SOC teams and other stakeholders to implement, manage, and enhance SOC tools so that they work properly and effectively.
Design use cases, log parsing, tuning rules, reports, and dashboards.
Assist in the improvement, development, and enforcement of the SOC plan, processes/procedures, and cyber incident playbooks to ensure compliance with internal policy and industry regulations.
Work closely with the IT security team, the IT team, and other departments to ensure security measures are integrated into all aspects of the organization's operations.
Research new trends and analyze threats to information technology to stay up to date on software, potential threats, and best practices for security and prevention.
Conduct training sessions and workshops to raise awareness of security best practices, procedures, and cyber incident playbooks among employees.
Prepare detailed reports on security incidents, vulnerabilities, and compliance status for management and stakeholders (daily, weekly, and monthly).
JOB REQUIREMENTS
Bachelor's degree in Information Technology, preferably in the field of Computer Science.
Must hold a valid certification in a security course such as SOC 100, SOC 200 OSDA, CSA, CND, CEH, or ECIH; other security-related certifications are an advantage.
Additional knowledge or experience of cyber threat intelligence frameworks such as STIX/TAXII and MITRE ATT&CK is preferable.
At least 3 years of directly related practical experience and demonstrated ability to carry out SOC and security operations.
Experience implementing and maintaining cyber security controls and incident response.
Experience implementing security tools.
Experience and extensive knowledge of Security Information and Event Management (SIEM), EDR, and XDR.
Knowledge and experience in leading a cyber security analyst team.
An exceptional understanding of threats and attack vectors and their mitigation.
Solid understanding and experience working with and analyzing malware.
Working knowledge and administration of Linux, Windows, and Mac environments.
Experience or familiarity with SIEM solutions, intelligence and analysis tools, Threat Intelligence Platforms and OSINT aggregators.
Basic knowledge of programming languages or scripting.
Experience in vulnerability scanning and assessment.
Experience in creating security incident reports and in managing and maintaining threat and vulnerability reports.