What You'll Do:
Provide Tier-2 support for Managed Security Services, focusing on incident response and security event management.
Investigate, analyze, and respond to security incidents promptly, ensuring effective resolution and follow-up recommendations.
Design, implement, and fine-tune SIEM rules to enhance detection capabilities and reduce false positives.
Develop, review, and update operational procedures, guidelines, and documentation to ensure best practices.
Manage change processes for security devices, including testing, patching, and upgrading systems with proper documentation.
Prepare detailed service reports for clients and internal stakeholders, highlighting key insights and performance metrics.
Administer and maintain the Managed Security Services portal, ensuring seamless operations.
Conduct regular service review meetings with clients to discuss performance, improvements, and emerging threats.
Take ownership of ad-hoc projects and tasks, contributing to the continuous improvement of our security services.
What You Bring to the Table:
A degree in Information Technology, Computer Science, Information Security, or a related field.
At least 3 years of IT experience, with a minimum of 2 years in a hands-on cybersecurity role.
Professional certifications such as CISSP, CISA, GIAC, CEH, or ISO 27001 are a plus but not mandatory.
Hands-on experience in security incident analysis, investigation, and response.
Proficiency with SIEM tools (e.g., Splunk), firewalls, IDS/IPS, UTM, WAF, and system administration (UNIX/Windows).
Strong understanding of vulnerability analysis, network traffic analysis, and packet inspection.
Knowledge of regular expressions and SQL query statements is highly desirable.
Familiarity with SIEM and networking technologies will set you apart.
Excellent analytical, problem-solving, and interpersonal skills.
Ability to thrive under pressure in a fast-paced, dynamic environment.
Fluency in English and Chinese (Cantonese and Mandarin).
We Value Growth:
If you have less experience but are passionate about cybersecurity, we encourage you to apply for the Assistant Security Analyst role. We're committed to nurturing talent and providing opportunities for professional development.