Security Operations Centre (SOC), Engineer
Job ID: 002053
The Role
- Maintain the technical architecture of the Security Incident & Event Management (SIEM) system, enabling all components to send logs to the SIEM, and detect and correct failed or incomplete log sending, to ensure effective SOC operations.
- Maintain up-to-date documentation of design or configurations of security systems.
- Responsible for new version release management, policy and integration testing, security testing and vendor management.
- Maintain hardware or software revisions of the SIEM and related SOC tooling, content, security patches, hardening and documentation.
- Develop and deploy content for the SIEM infrastructure, including use cases for dashboards, active channels, reports, rules, filters, trends, and active lists.
- Monitor and help optimize data flow using aggregation, filters, and use cases to improve the SOC monitoring and response capabilities.
- Coordinate and conduct event collection, log management, event management, compliance, automation, and identity monitoring activities.
- Respond to day-to-day security change requests related to SIEM operations.
- Assist with security incidents and the CSIRT process.
- Assist in security incident desktop walkthroughs and tabletop exercises to test the CSIRT process.
- Assist in cyber range and advanced security training exercises to improve the team's detection and response capability.
Job Requirements
The Person
- Degree in Information Technology, Computer Science or equivalent
- Minimum five (5) years of experience in IT security
- Familiar with corporate security controls and tools
- Good implementation knowledge of SIEM software (IBM QRadar), and integration with other supporting modules/tools
- Excellent written and verbal communications skills
- Able to manage key stakeholders and outsourced vendors
- Good team player
- Able to observe and display a high level of integrity
- Highly analytical and able to prioritize needs and requirements
- Able to articulate complex cyber security issues
- Candidate must be willing to work at Cyberjaya