SOC Security Engineer

Responsibilities:

• Ensuring the operational availability and efficiency of the SOC systems and infrastructure
• Direct and lead in the problem management of technical and performance issues in SOC systems and infrastructure
• Management and fine-tuning of SOC systems and infrastructure
• Support deployment of logs collection programme
• Support the provisioning and interpretation of log and network packet data (including SNARE, CEF, PCAP and NetFlow) by scripting or parsing
• Setup and writing of SIEMS correlation rules

Qualification and Experience:

• Minimal 2 years of relevant working experience in SOC as a SOC engineer with hands-on experience in SIEMS and SOC systems, including case management tools administration and management
• Familiar with SOC processes
• Minimally possess a Bachelor Degree in Information Technology / Computer Engineering
• Minimally SANS 400 certified

Knowledge and Technical Skills:

• Hands-on experience in the setup and writing of SIEMS correlation rules
• Hands-on experience in the provisioning and interpretation of log and network packet data
• Hands-on experience in parser creation
• Strong foundation in Internet protocols (TCP/IP) and routing protocol
• Hands-on experience in Unix/Linux/Windows administration, virtual machine, storage & backup system, network & security management
• Strong foundation in security threat and attack countermeasure
• Analytical problem solving and troubleshooting skill
• Effective time management and organisational skill
• Effective (written, oral, listening) communication skill
• Experience in vendor management
• Hands-on experience in the design, implementation and management of SOC infrastructure