SOC L1 Analyst
eTeam Hong Kong
Singapore, SG
2d ago

Security Operations Center Level 1 Analyst

Reporting to the Team Lead of the Security Operations Center, the candidate will be responsible for monitoring and responding to any potential security related risk targeting the Group.

It is essential for the candidate to have the background and knowledge to discuss incident response activities internally and support security incident investigations.

Primary Location : Singapore, Changi Education : Minimally a Technology Diploma Job Function : Technology, Information Security Schedule : Full-time Shift : Rotating 24 hours / 8 hours per shift Employee Status : Contract Travel Time : No

Principal Job Functions

  • Monitor developing cybersecurity events around the world, and escalate to L2 team if relevant events are observed; Performs monitoring, assessment and analysis on security tools such as Anomaly Detection systems, Firewalls, Antivirus systems, Proxy devices Follow pre-defined actions to handle security alerts including escalating to L2 team and other support groups Execute daily adhoc tasks or lead small projects as needed Participate in daily and ad-hoc documentation related tasks Create and maintain operational reports for Key Performance Indicators and weekly and Monthly Metrics Perform assessment phase of Vulnerability & Threat Management process Receive threat intelligence from feeds the Group subscribed to and update to Threat Client DB;
  • Be ready to support any security incident response investigation in the Group regardless of location and environment; Work closely with Team Lead to review, provide feedback and take actions to improve the methodology use in the Security Operations;
  • Responsible to ensure all tickets logged are closed correctly and timely; Ensure timely submission of routine reports on threats, vulnerabilities and incidents handled by the Security Operations Center;
  • Keep the Security Operations Center runbooks and procedures updated.

    Prerequisites

    3+ years working in security operations, preferably with incident management experience Experience in the Banking industry will be an advantage.

    Familiar with security products and network devices Extensive technical experience with network security practices including Intranet, Extranet and Internet access Technical experience with UNIX, AIX, Linux, Windows Knowledge of TCP / IP, DNS, web, wireless security architectures, technologies from Symantec, Mcafee, Cisco, Checkpoint, Netscreen Knowledge of encryption and authentication methods such as 2FA, DES, Digital Certificates, SSL, IPSec and development of DMZ's Knowledge of intrusion detection (deep TCP / IP knowledge, and cybersecurity), various operating systems (Windows / UNIX), and web technologies (especially internet security).

    Able to read and understand packet level data, handle Network / Host Security products (NIDS / NIPS, firewalls, HIPS, AV, scanners, etc.

    and understand security events from these tools. Able to perform vulnerability assessment and manage such tools / processes, as well as application penetration testing or forensic analysis fields.

  • Certifications from EC-Council, GIAC, (ISC) are preferred CISSP, C EH, GCIA, CCNA . People Skills : o Be performance oriented;
  • always try to excel past achievements o Able to work under pressure during critical situations o Able to work in a collaborative manner with peers Communication Skills : o Can communicate effectively with peers in discussions / meetings

    Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form