Block.one is a software publisher specializing in high-performance blockchain technologies. Its first project, EOSIO, an open-source blockchain protocol designed to enable secure data transfer and high-performance decentralized applications, has received global recognition as the first performant blockchain platform for developers, following its introduction in May 2017.
Through its affiliate, Block.one Hong Kong provides software development and consultancy services through its office in Central, Hong Kong. We are continuing to look for global and local talent to join us in Hong Kong to offer creative solutions based on the latest technological innovations and trends.
To support our expansion, we require an experienced Senior Security Operations Analyst to support our Cybersecurity Team. If you're passionate about all things cyber security, then the Senior Security Operations Analyst role with Block.one is for you. The role will afford you the opportunity to work on, be exposed to and receive training on various cutting-edge security tools and data sets.
- Provide subject matter expertise in various areas of cyber security, including but not limited to event triage, SIEM rule creation, threat intelligence and hunting, forensics, and malware reversing/investigation.
- Act as an Incident Response point of contact for Security Leads and Management.
- Provide guidance to and train new incoming Security Analysts.
- Ability to provide presentations/reports to various audiences.
- BS/BA degree in Cyber Security/Computer Science or equivalent combination of related work experience desired.
- 5+ years of verifiable experience in the Security Operations space, Security Operations Center (SOC) experience a plus.
- Ability to work across different regions in a process/procedure-driven organization.
- Ability to gather and interpret information through the use of computer network defense and forensics tools.
- Experience performing analysis with Security Information Event Management (SIEM) technologies such as Splunk, ArcSight and OSSIM.
- Experience performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks.
- Strong working knowledge of the TCP/IP stack, as well as L7 protocols (e.g. HTTPS, HTTP, SMTP, DNS).
- Possess an in-depth understanding and working knowledge of security appliances/tools such as host-based and network-based IDS/IPSes, WAFs, Endpoint Detection and Response (EDR) tools, etc.
- Very strong understanding of networking protocols, operating systems and cyber security concepts and technologies.
- Experience with vulnerability assessments: scanning the environment, generating reports, and engaging with system owners and stakeholders to make certain that any observed vulnerabilities or security concerns are addressed/remediated.
- GCIA, GCIH, GCFE, GCFA, GREM, Splunk Power User, OSCP, EnCE or similar certifications.
- Experience performing security analysis and writing content for one or more SIEM technologies.
- Understanding of the current cyber threat landscape.
- Excellent communication skills, verbal and written.
- Experience and proficiency with writing guidelines, processes and procedural documentation.
- Ability to perform read-outs of analysis and research to various audiences.
- Self-starter and team player with the ability to coordinate and collaborate on multiple issues simultaneously with various stakeholders.
- Experience with troubleshooting complex issues in a very technical environment.
- Proficiency with case management and ticketing systems.
- Ability and willingness to mentor and train new/incoming Analysts.