Secondment via YER
IT & Telecom
About this vacancy
This role is part of the Group IT Function and is mainly responsible for supporting Group IT Security with activities related to the Security Operations Centre. The role is accountable for daily SOC operations, mainly the handling of security events escalated from SOC L1, ticket follow-up, quality assurance, investigations, and improvement of dashboard monitoring and reporting. The individual is required to coordinate fully with the various teams on detected and escalated security events, ensuring proper follow-up until resolution.
SOC Detection and Response
- Assist with security monitoring, and with the detection and analysis of security-related events, ensuring a proactive and appropriate defence.
- Support the investigation and remediation of existing threats arising from the central event monitoring tools.
- Participate in use case development supported by the SIEM and security tools.
- Act as the point of escalation from SOC L1 for detected security events, within and outside the team.
- Provide quality assurance (review the work of SOC L1, event suppression, improvement of templates, etc.) and create various SIEM dashboards and reports.
- Participate in the creation of technical procedures, handling guidelines and playbooks.
- Work with the global SOC and Operations Team (Asia and EU Business Units and Group level) on responding to and resolving events generated by the SIEM.
Security Projects & Deployments
- Drive the implementation of the central event monitoring tools.
- Coordinate the implementation of other projects when necessary; lead the integration, deployment and various testing.
- Ensure that tickets and escalated security issues are handled in a timely manner.
- When needed, conduct forensic investigations, malware analysis, reverse engineering and advanced investigation utilizing various in-house and open-source security tools.
- Prepare various reports and metrics as defined by management.
- Attend meetings and participate in various cyber exercises.
Our client has grown into the world's largest international health and beauty retailer, and they strive to connect their international network of 12 retail brands to make the world a happier and healthier place together.
- A strong market-based salary via YER, matching your education and experience;
- Minimum 25 vacation days and 8% vacation allowance;
- Travel allowance;
- Good pension scheme;
- Very good fringe benefits;
- 9 out of 10 YER professionals enter into permanent employment with the client after their hiring period via YER;
- Degree holder in Computer Science or a related discipline. Relevant security qualifications are a big plus.
- At least 1-2 years' experience in IT Security; information security incident handling and SOC operations experience will be a big plus.
- Hands-on experience in cyber security solution implementation and operation, especially in SIEM and various security tools.
- Strong problem-solving skills and a fast learner.
- Liaison skills and teamwork; a passion and commitment mentality.
- Good interpersonal and communication skills.
- Solid support experience in Splunk/Microsoft Security (MDE, Sentinel) operations and project implementations, including the integration of other enterprise security tools such as SOAR, EDR, enterprise anti-virus, vulnerability management and other supporting tools.
- Basic experience in Splunk systems maintenance and troubleshooting (Splunk components such as Heavy Forwarders and Deployment Servers).
- Basic event handling experience in EDR (MS MDE), NDR (Vectra AI) and the MS Sentinel interface.
- Well experienced in security incident handling.
- Broad knowledge of cyber security concepts including vulnerabilities, web and application security, access controls and secure architectures.
- Experience with ITSM tools.