Cyber Security Expert

  • Negotiable
  • Hong Kong
  • Permanent, Full time
  • S.W.I.F.T. s.c.r.l.
  • 09 Jan 17

The Security Operations Center team is looking for a Cyber Security Expert. The team is responsible for preventing Cyber Security Incidents through real-time monitoring, detection and analysis of potential intrusions in the SWIFT infrastructure and network. You will be responsible for analyzing and responding to cyber threats, which involves using troubleshooting tools and writing scripts that speed up analysis so that an appropriate response can be defined and applied. The job involves operating and tuning security supporting tools as well as providing requirements for new security tools.

Responsibilities

  • Participate in Complex Real Time Monitoring and Triage activities
  • Observation, triage, correlation, analysis/investigation and closure of real time complex security events created by the Security analytics and correlation platform
  • Data Hunting Technology Management and Use Cases
  • Advanced configuration and development of high end data hunting technologies.
  • Experience using technologies such as QRadar, ArcSight, Splunk, and other appropriate tools to search for evidence of new or ongoing attacks is advantageous
  • Capable of creating use cases for advanced security monitoring
  • Data Hunting Analysis
  • Using advanced analytics to create cyber analysis, observations, threat indicators, intelligent insight, and recommended courses of action.
  • Day to day analysis of information systems security events for potential Cyber-attacks. Response to any Cyber Security alerts and incidents
  • Contributing to Cyber Security Internal Intelligence building
  • Using, enhancing and tuning tools for efficiently managing large collections of security events
  • Provide input to the design, assist in testing the functionality and participate in the operational readiness testing related to projects for data, systems and network security infrastructure/management
  • Acquire knowledge of changing technologies in own area of responsibility, and provide recommendations for adaptation of technologies or policies to our Security Delivery team

Requirements

  • Bachelor's degree in Computer Science or related field
  • Experience of developing threat models
  • Experience in network and host forensics
  • Knowledge of Intrusion Detection Systems (IDS) and signature management
  • Extensive knowledge of security, intelligence and threat management
  • Work experience with scripting languages such as PHP, Perl or Python and databases such as MySQL
  • Comprehensive knowledge of TCP/IP, IPv6, UNIX, Windows, HTTP
  • Skilled in performing packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump)
  • Knowledge of intrusion detection and vulnerability assessment capabilities
  • Creative problem-solving and oral and written communication skills, with emphasis on the ability to articulate, explain, and deliver technical concepts and issues to non-technical business leadership
  • Ability to learn in a fast-paced, multi-dimensional, technical environment
  • Strong analytical and communication skills
  • Self-driven and a good team player
  • Must be authorized to work in Hong Kong