-
Provide Tier-2 support for Managed Security Services, focusing on incident response and security event management.
-
Investigate, analyze, and respond to security incidents promptly, ensuring effective resolution and follow-up recommendations.
-
Design, implement, and fine-tune SIEM rules to enhance detection capabilities and reduce false positives.
-
Develop, review, and update operational procedures, guidelines, and documentation to ensure best practices.
-
Manage change processes for security devices, including testing, patching, and upgrading systems with proper documentation.
-
Prepare detailed service reports for clients and internal stakeholders, highlighting key insights and performance metrics.
-
Administer and maintain the Managed Security Services portal, ensuring seamless operations.
-
Conduct regular service review meetings with clients to discuss performance, improvements, and emerging threats.
-
Take ownership of ad-hoc projects and tasks, contributing to the continuous improvement of our security services.
-
A degree in Information Technology, Computer Science, Information Security, or a related field.
-
At least 3 years of IT experience, with a minimum of 2 years in a hands-on cyber security role.
-
Professional certifications such as CISSP, CISA, GIAC, CEH, or ISO 27001 are a plus but not mandatory.
-
Hands-on experience in security incident analysis, investigation, and response.
-
Proficiency with SIEM tools (e.g., Splunk), firewalls, IDS/IPS, UTM, WAF, and system administration (UNIX/Windows).
-
Strong understanding of vulnerability analysis, network traffic analysis, and packet inspection.
-
Knowledge of regular expressions and SQL query statements is highly desirable.
-
Familiarity with SIEM and networking technologies will set you apart.
-
Excellent analytical, problem-solving, and interpersonal skills.
-
Ability to thrive under pressure in a fast-paced, dynamic environment.
-
Fluency in English and Chinese (Cantonese and Mandarin).
