Monitors the SIEM, trouble tickets, email notifications and in-person escalations, and logs from ICS infrastructure components (SCADA, HMI, PLC, RTU, control servers), applications and network devices such as switches, firewalls and IDS/IPS;
Designs, implements and tests Security Orchestration, Automation and Response (SOAR) processes and procedures;
Develops SOAR playbooks and troubleshoots automation capabilities;
Examines escalated tickets to determine whether they are true positives or false positives;
Performs malware analysis, threat hunting and threat modeling activities;
Assists forensic investigations by providing reports and other information;
Reviews and suggests improvements to the control deployment process and installation procedures;
Develops and documents remediation recommendations for business owners to improve the control environment in which a security incident occurs.
Recommendations must be easily understood by non-technical staff;
Provides recommendations and direction on the tuning of signatures, rules, alerts, parsers and custom scripts within the monitoring solutions;
Participates in root cause analysis and helps with the orchestration of remediation;
Understands defense-in-depth strategies and applies them to the Client’s environment;
Creates and disseminates security-related notifications for internal staff (for example: trends, developments, changes in capabilities);
Acts as the L2 escalation layer in the SOC;
Mentors Level 1 SOC Analysts;
Creates manuals, guides and knowledge base entries;
Keeps abreast of the latest security and privacy legislation, emerging threats, regulations, advisories, alerts and vulnerabilities pertaining to the HCE OT IR SOC and its customers;
Remains knowledgeable of our current solution portfolio and the technical specifics of our offerings.
Bachelor’s degree in a computer-related field such as Computer Science, Computer Information Systems or Electronics;
Minimum of 2 years’ experience in the cyber security industry;
Minimum of 5 years’ experience in Information Technology;
Strong diagnostic and analytical skills, including problem solving, troubleshooting, management of priorities and the self-direction to resolve complex issues;
Effective written and verbal skills enabling strong communication;
Information Technology certifications: ITIL Foundations;
Security certifications: CCNA, CompTIA Security+, GCIH, or other similar certifications;
Experience automating tasks and integrating systems with Python;
Experience with SIEM platforms and logging solutions.
Other nice-to-have skills & certifications:
GCFA or CEH or other similar certifications;
Understand Advanced SOAR methodology;
Understand ICS communication protocols such as Modbus, Profibus, DNP3, S7comm and others.
Additional Qualifications:
Ability to write documentation and summaries;
Experience working in a client facing Cyber SOC environment;
Experience securing industrial or corporate networks and assets against cyber threats;
Knowledge of ICS environments;
Knowledge of cybersecurity frameworks such as MITRE ATT&CK and NIST;
Ability to work with minimal supervision.
A culture that fosters inclusion, diversity and innovation
Market specific training and ongoing personal development
Career growth opportunities
Experienced leaders to support your professional development
International work environment
Medical plan provided by Omniasig
Budget for flexible benefit scheme which can be used for travel, sports, dental scheme, and others
If this is your dream role, then we'd love to hear from you.
We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment.
Please contact us to request accommodation.