Explores ways to identify stealthy threats that may have found their way inside networks, without detection, using the latest threat intelligence.
Team lead responsibilities for the SOC Analyst Team
Collects, documents, assesses, and analyzes cyber threat information; presents reports and ﬁndings to management.
Performs digital forensic tasks for cyber-criminal activities. Conducts penetration tests on production system to validate resiliency and identify areas of weakness to ﬁx.
Recommends how to optimize security monitoring tolls based on threat hinting discoveries. Provides technical assistance to other incident response and security operation teams, such as vulnerability assessment and intrusion detection.
IT Security: Physical and electronic protection of data: access control, intrusion detection, virus protection, certiﬁcation, audit, incident response, security engineering, development and implementation of security policies and procedures
Management; Senior Level Consulting
Functional, technical or process leadership; Management of multiple teams; High complexity and ambiguity; Tactical responsibilities
Focus on technical activities that require specialized knowledge
- Master’s or Bachelor’s degree in technical engineering or IT related field; or equivalent experience.
- 4+ years of experience working in Security Operations Centre with a Security Incident & Event Management (SIEM) to correlate events across several devices.
- Certified Information Systems Security Professional (CISSP) or equivalent required.
Knowledgeofthemethods,channelsandprocessestoobtainneededinformation;abilitytoidentify, captureanddocumentrelevantbusinessinformationinanauditable,organized,understandableand easily retrievablemanner.
Knowledge of customer service concepts and techniques; ability to meet or exceed customer needs and expectations and provide excellent service in a direct or indirect manner.
• Accuracy and Attention toDetail
Understanding of the necessity and value of accuracy and attention to detail; ability to process information with high levels of accuracy.
Knowledge of techniques and tools that promote eﬀective analysis and the ability to determine the rootcauseoforganizationalproblemsandcreatealternativesolutionsthatresolvetheproblemsinthe best interest of thebusiness.
• Decision Making and CriticalThinking
Knowledge of the decision‐making process and associated tools and techniques; ability to accurately analyze situations and reach productive decisions based on informed judgment.
Understanding of eﬀective communication concepts, tools and techniques; ability to eﬀectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors.
• Flexibility andAdaptability
Knowledge of successful approaches, tools, and techniques for dealing with changes and adapting to a changing environment; ability to adapt as needed.
Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations.
Knowledge of the current situation or issue at hand；ability to take full personal responsibility or ownership for assignments, activities, decisions and results.
• Tolerance for Ambiguity andStress
Understanding of the necessity of moving forward with less than perfect information and ability to ﬂexibly and comfortably adapt to changing work demands.
Technical ‐ Information Technology
Knowledge of the tools and processes for maintaining application security; ability to design and implement security programs to prevent data loss and access intrusion from web and mobile applications.
Knowledge of the process and procedure by which a change is identiﬁed, evaluated, approved, monitored and documented; ability to eﬀectively control and manage changes in the production environment and in the technology‐based assets of the organization (e.g., application software, production databases, operating systems software, hardware).
Knowledge of technologies, methods and tools of forensics investigations for IT security violations or potential threats; ability to identify, uncover and evaluate violations, warning reports, suspected incidents and insidious events.
• Computer NetworkDefense
Knowledge of methods and processes to monitor, analyze and respond to network attacks, intrusions or any unauthorized actions; ability to use techniques and tools to perform network defense.
• Cybersecurity RiskManagement
Knowledge of tools, techniques, approaches and processes of cybersecurity risk management; ability to ensure organizational network operation and minimize negative eﬀect by cybersecurity risks.
Knowledge of concept and features of data networks and the ability to manage an organization's data networks for internal and external information transmission.
Knowledge of and ability to protect an organization's data to ensure privacy during the process of storage and communication.
• Digital ThreatManagement
Knowledge of techniques, approaches and processes of digital threats; ability to detect, monitor, analyze and prevent digital threats.
Knowledge of and the ability to protect information and information systems while ensuring their conﬁdentiality, integrity and availability.
• Information SecurityAudits
Knowledge of and the ability to utilize tools and techniques for assessing the eﬀectiveness of information security measures, identifying potential risk exposures, and protecting the availability, conﬁdentiality and audit trails of information from destruction or manipulation.
• Information SecurityManagement
Knowledge of the processes, tools and techniques of information security management, ability to deploy and monitor information security systems, as well as detect, resolve and prevent violations of IT security, to protect organizational data.
• Information SecurityTechnologies
Knowledge of technologies and technology‐based solutions dealing with information security issues; ability to apply these in protecting information security across the organization.
• Information Technology (IT) SecurityPolicies
Knowledge of IT security policies, standards, and procedures; ability to utilize a variety of administrative skill sets and technical knowledge to ensure cyber security compliance.
• Internet of Things (IoT)Security
Knowledge of concepts, methods and trends of Internet of Things security; ability to utilize tools and technologies to secure connected IoT devices and network.
• Intrusion Detection andPrevention
Knowledge of tools, techniques and processes of intrusion detection and prevention; ability to detect, resolve and prevent intrusion behaviors to protect organizational networks.
Knowledge of the threats, measures and practices of mobile security; ability to reduce mobile risks and protect personal and organizational data and information.
• Network and InternetSecurity
Knowledge of the tools and processes for maintaining network and Internet security; ability to develop and implement safeguards for the prevention of intrusion and unauthorized access.
Knowledge of network concepts, technologies, tools and philosophies, and the ability to design an organization's network infrastructure and services.
• Security Information and Event Management(SIEM)
Knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilize related applications to protect organizational networks from cyber risks.
Knowledge of vulnerability assessment tools, techniques, models, and systems; ability to utilizes the knowledge to identify vulnerabilities on network, ope