- Handle escalated security incident investigation and response from Tier-1: SOC Analyst.
- Oversight on security incident response activities performed by Tier-1: SOC Analyst.
- Proactive service improvements of monitoring & response playbooks to include lessons learnt from past incidents and perform deep-dive analysis on identified/known Tools, Techniques and Procedures (TTPs) of the cyber-attacks.
- Keep abreast on latest cyber security threats and vulnerabilities, in line with the changing Threat Landscape, Regulatory and Compliance requirements.
- Validates and evergreen the cyber security incident response plans, playbooks and other relevant Standard Operating Procedures within Cyber Defence Centre.
- Work closely with Service Management: Incident Management for collective response and situational awareness.
- Participate in the cyber stress testing and Table Top Exercises (TTXs)
- Utilizes and adheres to defined workflow and processes driving the Incident Response and mitigation efforts.
- Collects supporting information and/or relevant artifacts in support of Incident Response activities.
- Escalates and hands off to team members and leadership based on defined threat and priority determination.
- Conducts technical analysis on impacted systems to determine impact, scope, and recovery from active and potential cyber incidents.
- Leverages Forensics tools, techniques, and capacities to support Cyber Incident Response activities.
- Documents results of cyber threat analysis and subsequent remediation and recovery in an effective and consistent manner.
- Executes the Incident Response lifecycle and coordinating remediation activities throughout the Verizon organization and its lines of business as a part of Cyber Incident Handling.
- Recommends solutions to optimize both technical and process/procedure aspects of the end to end incident lifecycle.
- Produce security incident report
- This position involves an “on-call” rostering component for escalated incidents.
Qualifications
(Basic Degree/Diploma, etc.)
- Bachelor's Degree or Professional Qualification in the relevant discipline (IT / Cybersecurity / Computer Science)
- Security certifications e.g. CEH, CompTIA Security+, Splunk Core Certified Power User, ECIH, etc. are preferred.
- Network certifications e.g. CCNA, CCNP, etc are added advantages
- Minimum of 4 years of experience in IT security, preferably in IT/Cyber security monitoring, incident response, threat intelligence analysis role of a banking environment
Competencies/Skills
(Essential to succeed in this job)
Technical/Functional skills
- 4+ years of work experience in one or more of the following roles: SOC Analyst, Security Incident Response, Cyber Threat Hunter, Cyber Crime investigations, Cyber Threat Analysis, Cyber Threat Campaign Tracking.
- Understanding of common operating systems and IT Infrastructure such as Windows, Unix/Linux, Active Directory, firewalls, proxies, etc.
- Familiarity with automation concepts and proficiency in scripting languages such as Python, Perl, JavaScript, Powershell, etc.
- Strong analytical skills and critical thinking skills
- Effective communication skills (both written and verbal)
- Strong organization, prioritization, and rationalization skills.
Personal skills (Soft Competencies [Core/Leadership])
- Highly results-oriented and can work independently.
- Ability to build relationships and interact effectively with internal and external parties.
- Ability to plan, organize and prioritize tasks.
- Ability to work effectively as a team.
- Good analytical, technical, written and verbal communication skills.
Laporkan kerja
