Cybersecurity Engineer

The Cybersecurity Engineer encompasses data protection through threat detection, incident response, and scripting, keeping our patient data safe and secure. Responsibilities Round-the-clock surveillance of the Company's information assets using various cyber defence tools to monitor internal and external sources. Provide timely detection, identification and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities. Use cyber defence tools for continuous monitoring and analysis of system activities to identify malicious activity. Analyse and respond to threats, software, and hardware vulnerabilities. Develop scripts, fine-tuning SIEM rules and solutions to automate the triage and analysis process. Provide incident response (IR) support when required. Produce actionable cyber threat intel from various threat intelligence sources, both open and commercial sources. Actively hunt for indicators of compromise (IOCs) and threat actor groups and tactics, techniques, and procedures (TTPs) in the environment. Investigate and assess alerts from our diverse security tools (EDR, SIEM, etc.) to determine the scope, impact, and appropriate response to potential incidents. Take decisive action to contain and mitigate threats, following our incident response playbooks and processes. Serve as a key point of contact during security incidents, providing clear and timely updates to technical and non-technical stakeholders across the organization. Handle and respond to enquiries on Change Requests and Service Requests. Perform user and application on-boarding activities within PAM. Assist in incident handling, including joint troubleshooting with vendors and clients, applicable to both remote and onsite support. Stay abreast of emerging cybersecurity threats, vulnerabilities, and regulatory requirements. Assist in the interpretation of cybersecurity and technology-related legislation. Participate in cybersecurity exercises to ensure the continued relevance and efficacy of the organization’s response capabilities. Document and review the components of cybersecurity operations to ensure potential risks are considered. Ensure that all areas of cybersecurity are reviewed and covered comprehensively. Able to work shift, shift patterns may change according to business needs. Create and update device technical documentation to support system changes and configurations. Handle minor software upgrades, patches, and vulnerability fixes as released by vendors. Strong ability to interpret the information collected by network tools. Provide risk oversight and monitoring through independent reviews and objective assessments. This includes establishing monitoring processes. Collaborate with other departments and business units to ensure alignment on cybersecurity risk management practices. Requirements Degree or Diploma in Computer Science, Computer Engineering, or Information Security related fields. 2 years of experience working in a Security Operation Centre (SOC) or Computer Emergency Response Team (CERT/CIRT). A relevant industry certification (e.g., CISSP, CISM, CRISC) is highly desirable and scripting capabilities (i.e. Python, Bash or PowerShell) are a plus. Working experience with OWASP Top 10, CVSS, MITRE ATT&CK framework, Cyber Kill Chain and DevSecOps strongly preferred. Good knowledge of different types of network communication (e.g., Local Area Network, Wide Area Network, Metropolitan Area Network, Wireless Wide Area Network, Wireless local Area Network). Good knowledge of incident response and handling methodologies. Strong troubleshooting, analytical, and problem-solving skills. Good knowledge of backup policies, change management, and security patching processes. Team player with good communication, presentation, and interpersonal skills. Meticulous, self-motivated, and able to work under pressure. Please be notified that only shortlisted candidates will be notified #J-18808-Ljbffr