A Senior Cyber Specialist role provides ound the clock cyber security operations support as a key resolver between SOC 24x7 and local technology teams, using cutting edge security technologies and processes. As a key team liaison member from Cyber team you will provide expertise and support by bridging the gap between our analyst teams and technical engineers to resolve complex issues and drive false positive reduction. Working alongside the Security Operations Centre (SOC) and local IT in support of the wider cyber team to enable and improve effective detection, analysis, response, and recovery to cyber security incidents. Responsibilities will include but not be limited to: Experienced Cyber Security Analyst/Engineer with extensive experience working with Alerts, Tuning, Windows and Linux infrastructure, Cloud technologies including AWS and AliCloud Working 9 to 5 in the APAC region with rotational 24x7 on-call Must be fluent in both spoken and written Mandarin and English Technical understanding and first-hand approach with a wide range of Cyber Security related toolsets Ability to work closely with technical teams as well as able to communicate with non-technical individuals Acts as resolver group for security incidents raised by the Security Operations Centre (SOC), working side by side with Cyber Security Operations, including other engineers. Working with Cyber Security Officers responsible for maintaining relationships with the business in-region. Assist in the development of security use cases including new playbooks for the SOAR tool that improve our cyber security posture Acting as a Subject Matter Expert to recommend improvements to security configuration across multiple toolsets and platforms Generating requirements for the fine tuning of SIEM rules. In coordination with the Cyber Security team and other structures, be able to respond to the CSIRT and associated emergency preparedness procedures. Develop, conduct, and participate in Cyber Incident Response exercises. Creating and maintaining a good working relationship with key vendor partners. Assist SOC Managers and Leaders with ad-hoc requirements such as reports and Route Cause Analysis Deliver exceptional quality of Incident Response and Tickets Required experience & skills Non-technical skills: Ability to manage conflicting priorities and multiple tasks in a high-pressure environment Must be fluent in both spoken and written Mandarin and English Excellent written and verbal communication skills and able to be understood by both technical and non-technical personnel Stakeholder management and people skills (at both a technical and non-technical level) Able to work in a collaborative environment Outstanding critical reasoning and critical thinking skills – sticks to the problem until it is resolved Ability to provide rapid and concise summaries of complex situations Technical skills: Experience with AWS/AliCloud security domains Excellent Windows (workstation and server) and Linux skills Scripting skills desirable but not essential Some cloud architecture experience would be preferred but no essential Excellent Cyber Security problem and troubleshooting ability Broad understanding of Threat Intelligence, Vulnerability Management, Data Privacy, Cloud, Identity, Compliance, Risk, Process, Technologies. Qualifications within IT Security (e.g., SANS Blue Team, CISSP, GCIH, GCIA, GMON) are desirable but not required In-depth knowledge and understanding of how to handle and respond to security incidents as part of a specialized incident response team Strong working knowledge and thorough understanding of Protective Monitoring, Vulnerability Monitoring, and Threat Intelligence Knowledge and understanding of a wide variety of security technologies and processes Up-to-date knowledge of current exploit techniques, vulnerability disclosures, data breach incidents, and security analysis techniques, combined with the understanding of the potential impact on the security posture Experience: At least 5+ years of relevant experience in Cyber Security Operations Experience of Incident Response Experience operating within a large-scale enterprise network Has thrived in fast-paced, high-pressure environments
