Job Responsibilities

* Monitor and analyze security alerts from various sources, utilizing the SIEM platform.
* Identify anomalous patterns, potential threats, and security incidents.
* Create and refine SIEM use cases to enhance detection capabilities.
* Collaborate with senior analysts to develop and implement custom use cases tailored to specific organizational risks.
* Fine-tune existing security detections to reduce false positives and improve detection accuracy.
* Work on SIEM rules and correlations based on emerging threats and organizational changes.
* Investigate high-complexity cyber security incidents with minimal direction, determine the root cause and establish defense measures as part of the China Cyber Defense Center team.
* Contribute to the development of incident response plans and procedures.
* Maintain comprehensive documentation of use cases, detection rules, and tuning configurations.
* Contribute to the preparation of reports on security incidents, trends, and SIEM performance.

Requirements

* Bachelor's degree in a relevant field (computer science, IT, etc.) or at least 4 years of relevant experience
* More than 4 years of professional experience working as a security analyst using a SIEM
* Good technical skills and understanding, e.g. Web, SQL, KQL, scripting, endpoints, client management, server
* Strong analytical skills and ability to work under pressure
* High degree of self-learning and self-motivation
* Able to conduct risk assessments in case of cyber attacks
* Consulting, negotiation, and relationship skills
* Capabilities such as research and innovation
* Experience in international project management
* High degree of commitment to a high-performance culture
* Ability to take action for continuous improvement
* Languages: Chinese and English