Job description:

Knowledge Management
- Maintain the Threat Detection and Response SharePoint site to ensure the content is up to date.
- Assist in updating various procedural documents.

Detection Engineering
- Develop and validate detection rules through automated tools (AttackIQ) and manual methods.
- Document test cases and test results.
- Develop and fine-tune SOAR automation playbooks.
- Develop ArcSight SIEM log parsers.

Administration
- Support BAU production change activities by preparing the related documentation.
- Metrics reporting: data extraction and report preparation.

Job requirements:
- Basic knowledge of cybersecurity; understanding of SOC (security operations centre) operations and cyberattack techniques.
- Experience in building log parsers using regex.
- Experience in executing functional/user acceptance tests.
- Good written English: English reading and writing; English or Cantonese speaking (English preferred).