SOC Incident Response Specialist (AVP/VP)

  • Competitive
  • Singapore
  • Permanent, Full time
  • Morgan McKinley Singapore
  • 17 Oct 18

The main responsibility of the incumbent is to investigate events escalated from Senior / SOC Analysts and to correlate events (through SIEM, phone or email) and information against cyber-related information security policies to identify violations. If an event is classified as an incident, the incumbent will take responsibility for incident handling by reviewing tickets, handling standard events according to given procedures, managing low-severity incidents independently, and escalating to the appropriate teams for further investigation and incident handling where necessary.

Experience / Requirements:

  • Minimum of a Bachelor's degree in Computer Science/Information Technology or equivalent work experience, with a minimum of 8 years.
  • Strong security background (understanding of risk, vulnerabilities, security policies, etc.)
  • Solid understanding of enterprise grade technologies including security devices, network engineering, operating systems, databases and applications and their security settings and configurations
  • Ability to read and understand information security policies and translate them into operational processes to identify malicious intent or violations.
  • Knowledge and experience in various security tools (e.g. SIEM, Database activity monitoring, network monitoring and analysis tools, Big Data analytics)
  • Knowledge of adversary tactics, techniques, and procedures (TTP), general attack stages, kill-chain and attack types
  • Strong knowledge and experience in incident handling and incident response methodologies
  • Relevant security certifications (e.g. GCIH, GCIA, CEH, OSCP, OSCE, GCFA, CSIH, CISSP) and technical certifications (e.g. CCNP, MSCE) are required
  • Excellent verbal and written communication skills (English language)
  • Experience working in high-performing teams and an understanding of the dynamics of teamwork in an international SOC environment

Registration No: R1106192

EA Licence No: 11C5502