Key Responsibilities
- Configure, monitor, and maintain cybersecurity platforms, including SIEM, EDR, XDR, NDR, SOAR, and MTD, to ensure stable and efficient operations.
- Lead the design, deployment, and integration of security tools (Firewalls, WAF, Antivirus, Endpoint Protection, DLP, Email/Web Security).
- Perform regular system patching, upgrades, and proactive performance monitoring to minimize downtime and enhance resilience.
- Conduct cyber risk assessments, vulnerability management, and penetration testing to identify and remediate security gaps.
- Collaborate with SOC and IT teams to enhance threat detection, incident response, and remediation capabilities.
- Manage user access control and enforce security policies, including role-based access control (RBAC).
- Analyze security events, network traffic, and user activity to proactively detect anomalies and potential intrusions.
- Prepare and maintain detailed security documentation, reports, and SOPs.
- Provide technical leadership, mentoring, and knowledge sharing to security engineers and SOC analysts.
- Liaise with vendors and stakeholders to evaluate, implement, and support best-in-class cybersecurity solutions.
- Automate security processes and playbooks to improve efficiency and reduce Mean Time to Detect (MTTD) and Mean Time to Remediate (MTTR).
Required Skills & Experience:
- Strong hands-on experience with security platforms and tools:
  - EDR/XDR: CrowdStrike, Trend Micro, SentinelOne, Symantec
  - DLP, Encryption, Database Security, Backup & System Recovery
  - SIEM & SOAR: Google Chronicle, Exabeam, Palo Alto Cortex, IBM Resilient
  - Email & Web Security: Proofpoint, Trend Micro, Barracuda
  - Firewalls: Fortinet, Palo Alto, Cisco Firepower, F5 BIG-IP, Barracuda
  - Virtualization: VMware, Hyper-V, Nutanix
- Expertise in threat intelligence platforms (TIPs) and micro-segmentation technologies (Illumio, Cisco).
- Solid understanding of Active Directory Security, DNS, and enterprise networking (Cisco, Juniper, Nexus).
- Proven track record in vulnerability management (Qualys, Rapid7) and penetration testing (SEC542, Web App Security).
- Certifications such as CCNP (Network & Security), CCT (Datacenter), MCSE, MCSA, MCP and VMware will be an added advantage.
- Strong incident response, threat hunting, and cyber risk assessment capabilities.
- Team leadership and vendor management experience.
Please refer to U3's Privacy Notice for Job Applicants/Seekers at When you apply, you voluntarily consent to the collection, use and disclosure of your personal data for recruitment/employment and related purposes.