Cybersecurity Engineer

Responsibilities:

• Round-the-clock surveillance of the Company's information assets using various cyber defence tools to monitor internal and external sources.
• Provide timely detection, identification and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.
• Use cyber defence tools for continuous monitoring and analysis of system activities to identify malicious activity.
• Analyse and respond to threats, software, and hardware vulnerabilities.
• Develop scripts, fine-tuning SIEM rules and solutions to automate the triage and analysis process.
• Provide incident response (IR) support when required.
• Produce actionable cyber threat intel from various threat intelligence sources, both open and commercial sources.
• Actively hunt for indicators of compromise (IOCs) and threat actor groups and tactics, techniques, and procedures (TTPs) in the environment.
• Investigate and assess alerts from our diverse security tools (EDR, SIEM, etc.) to determine the scope, impact, and appropriate response to potential incidents.
• Take decisive action to contain and mitigate threats, following our incident response playbooks and processes.
• Serve as a key point of contact during security incidents, providing clear and timely updates to technical and non-technical stakeholders across the organization.
• Handle and respond to enquiries on Change Requests and Service Requests.
• Perform user and application on-boarding activities within PAM.
• Assist in incident handling, including joint troubleshooting with vendors and clients, applicable to both remote and onsite support.
• Stay abreast of emerging cybersecurity threats, vulnerabilities, and regulatory requirements.
• Assist in the interpretation of cybersecurity and technology-related legislation.
• Participate in cybersecurity exercises to ensure the continued relevance and efficacy of the organization's response capabilities.
• Document and review the components of cybersecurity operations to ensure potential risks are considered.
• Ensure that all areas of cybersecurity are reviewed and covered comprehensively.
• Able to work shift, shift patterns may change according to business needs.
• Create and update device technical documentation to support system changes and configurations.
• Handle minor software upgrades, patches, and vulnerability fixes as released by vendors.
• Strong ability to interpret the information collected by network tools.
• Provide risk oversight and monitoring through independent reviews and objective assessments. This includes establishing monitoring processes.
• Collaborate with other departments and business units to ensure alignment on cybersecurity risk management practices.

Requirements:

• Degree or Diploma in Computer Science, Computer Engineering, or Information Security related fields.
• 2 years of experience working in a Security Operation Centre (SOC) or Computer Emergency Response Team (CERT/CIRT).
• A relevant industry certification (e.g., CISSP, CISM, CRISC) is highly desirable and scripting capabilities (i.e. Python, Bash or PowerShell) are a plus.
• Working experience with OWASP Top 10, CVSS, MITRE ATT&CK framework, Cyber Kill Chain and DevSecOps strongly preferred.
• Good knowledge of different types of network communication (e.g., Local Area Network, Wide Area Network, Metropolitan Area Network, Wireless Wide Area Network, Wireless local Area Network).
• Good knowledge of incident response and handling methodologies.
• Strong troubleshooting, analytical, and problem-solving skills.
• Good knowledge of backup policies, change management, and security patching processes.
• Team player with good communication, presentation, and interpersonal skills.
• Meticulous, self-motivated, and able to work under pressure.

Please be notified that only shortlisted candidates will be notified