Cyber Security Analyst - Mandaluyong - DFI Retail Group

Paglalarawan

Is this your next challenge in Cyber Security Analyst?

We are expanding and looking for a SOC Engineering Specialist to join our IT Security Team. This position is the Level 2 blue team for manage SIEM platform, cyber security investigations and incident handling.

Your background should include develop and maintain the SIEM and SOAR, hands-on security incident response and exposure to security technologies including firewalls, IPS/IDS, logging, monitoring, Vulnerability Assessment.

You should understand network security and system administration. To execute your expertise with excellent stakeholder management while problem solving will be a top priority for you.

The challenge is to:

• Perform accurate and precise real-time analysis and correlation of logs/alerts from a multitude of client devices with a focus on the determination of whether said events constitute security incidents.
• Hands-on experience in the setup and writing of SIEM & SOAR correlation rules.
• Enhance and fine-tune threat detection scenarios and strategies.
• Research and analyse the latest attacker tactics and implement proactive security measures.
• Establish new and maintain existing security operation guidelines, procedures, and playbooks.
• Responsible, interpreting, conducting analysis and making recommendations for resolution from security logs sources and alerts from the (SIEM, IAM, CASB, EDR, SEG & other security tools) and other threat detection systems for threats activity from our managed services Security Operations Centre (SOC).
• Report incident statistics through SIEM platform and provide analysis of incidents.
• Ability to explain the risks of security threats and devise mitigations.
• Familiarity with various SIEM platforms such as Splunk/Elastic/Microsoft Sentinel, etc.
• Act as team and responsible for cyber security incidents arising (e.g. for end-point devices such as laptops, desktops, servers, firewalls, routers, O365, SEG, security devices, etc), including those escalated by Security Operations Centre (SOC). This involves following up with the respective end users and IT personnel to ensure incidents are effectively closed.
• Representing Group-level IT Security COE across IT teams at key cross-team projects/Initiatives and managing Group-level IT Security project plan, schedule, issue/dependency tracking and security check on Pre and Go-Live.
• Maintain Security Hardening Standard: creating secured configuration standards for new platform/technology, and enhancements of overall existing standards.
• Facilitate security request on firewall, email, etc whitelisting review & approval.
• Prepare regular cyber security status reports for submission to Leadership team.
• Review and analyse the vulnerability based on CVE & CVSS industry standards; identify the impact and measure the risk of exploitability and provide recommendation to prioritize the implementation especially those High & Medium risks to the relevant stakeholders.
• Provide advice to IT/End users and managing the cyber security policies, procedures and best practices.
• Perform periodic review on Privilege accounts & other Security owned accounts.
• Communicate cyber security advisories to IT/End users.
• Any other duties as required by the company.

Do you have experience in?

• Degree holder in Information Security, IT, Computer Science or other related disciplines
• Overall IT relevant experience of minimum 3 years, in a combination of multi-disciplinary IT/Security Operations with minimum 2 years in cyber security
• Experience in working for a demanding security operations Centre with multiple tracks.
• Proficient in cyber security and technology risk management
• Good knowledge and understanding of Vulnerability Management and Penetration Testing
• Knowledge in OWASP and common attack vectors in different platforms (Windows, Linux, Network, etc)
• Knowledgeable in TCP/IP, Linux/UNIX System Administration, DNS server and Windows System Administration
• Experience in working with Cloud and vendors risk assessment.
• Experience and understanding of IT operations and processes.
• Knowledge of Security Standards and Frameworks including MITRE & ATT&CK, ISO 27001:2013, NIST, PCI-DSS, Data Protection etc., cyber security threats, tools and best practices
• Experience and knowledge of cloud & network security is preferred
• Experience in supporting or managing Security projects or Risk Management programs
• Experience in working with managing external vendor supporting SOC

If you have the right skills and experience, this is an opportunity to build your career with Asia's leading retailer.

DFI Retail Group is an equal opportunity employer and responsible for ensuring that all personal information collected from each Candidate presented to DFI Retail Group is used for recruitment purposes only and the personal data will be kept and handled confidentially. We will retain the applications of candidates not selected for a period of no more than 24 months. The data collection process is in accordance with all applicable laws and compliant with the Code of Practice on Human Resource Management.

To find out more about Our Businesses and Our People, please visit our website: Issued by The Dairy Farm Company, Limited