Our client, one of the biggest organisations in its field, is looking for a Technical Consultant for Cyber Security with at least 5 years of working in technical IT roles and a minimum of 3 years' hands-on experience in enterprise security infrastructure, IS risk assessments or testing. You need to have a strong understanding of networking protocols, operating systems and cyber security concepts and technologies.
As a Technical Consultant, you must be able to deliver IT Security projects, including: supporting and coordinating the SOC, incident handling processes and security tools for monitoring and report consolidation; implementing security incident event analytics, a cyber defence AI system, user and entity behaviour analytics, a vulnerability scanning infrastructure, threat assessment and patch management advisory operations; risk assessment of new IT systems or enhancements; and providing guidance on designing, implementing and updating IS initiatives.
- Deliver security tools that give the SOC a high capability for security monitoring and detection. Prioritise security functionality and maximise automation in security incident handling processes, efficiently and effectively
- Provide technical support for ingesting security logs, feeds and raw sources into the SIEM for data security analytics. Develop integration and detection policies for a number of products such as a Threat Intelligence Platform, a Security Orchestration, Automation and Response (SOAR) system, and a case management system
- Work with business and IT stakeholders to design, implement and update a network vulnerability scanning system, classify and prioritise risks, and guide relevant stakeholders to ensure that systems and services, whether developed in-house or acquired commercially, are secured against known attack vectors and prevalent threats
- Develop advanced SIEM queries over network, platform, database, AD and EDR logs
- Conduct technical studies of IS initiatives and provide technical suggestions and recommendations on design, development and system integration. Support security testing and maintenance throughout the SDLC
- Support the evaluation of potential new products and establish playbooks for their internal processes
- University degree with a strong technical background, particularly in Information Technology, cybersecurity, application development and/or networking
- Experience performing analysis with security data analytics technology such as SIEM, UEBA, ELK and SOAR
- Able to identify gaps/weaknesses in SOC monitoring capability by mapping detection rules, e.g. SIEM use cases, EDR and Carbon Black watchlists, Darktrace models, AD monitoring and firewall policy
- Able to implement vulnerability scanning across different network segments and prevention through existing security controls, ideally automating this process
- Good knowledge of network and system protocols (e.g. TCP/UDP, DNS, HTTP/HTTPS, SSH, FTP, etc.) as well as IT security methodologies and vulnerability scanning methodologies and approaches
- Experience with log management platforms (Splunk; Elasticsearch, Logstash, Kibana - ELK / Elastic Stack)
- Hands-on experience in Security Operations, SOC, SIEM, Incident Response and Threat Intelligence
- Deep understanding of Security Architecture, Tool Integrations, REST APIs/SOAP APIs
- Proficiency in both written and spoken English and Chinese
Interested individuals can click Apply Now and send an updated resume (in Word format) to Bonnie Chan for further information.
For a more comprehensive list of current opportunities, please visit www.connectedgroup.com