About The Team
We aspire to make banking simple for everyone. Our digital banking services provide secure, stable, and easy-to-use banking products such as savings, payments, loans, investments and more to individuals and enterprises. Our Digital Bank Technology teams build and operate technology platforms and systems that are at the foundation of the banking services.
The SOC (Security Operations Center) team offers security operations and incident response services to digital banking businesses operating in all regions. They serve as the first line of defence against cyber attacks targeting the banks infrastructure, services, and applications.
Job Description
- Conduct in-depth analysis and root cause investigation of incidents escalated by the SOC Analyst.
- Collaborate with other stakeholders such as Network, Product, Dev and various teams to triage and remediate security incidents.
- Enhance and fine-tune threat detection scenarios and strategies.
- Research and analyse the latest attacker tactics and implement proactive security measures.
- Establish new and maintain existing security operation guidelines, procedures, and playbooks.
- Participate in the distributed 24x7 operations and on-call duties.
Requirements
- Minimum 2 years of experience in roles related to Security Operations, Threat Intelligence, or Incident Response.
- Comprehensive understanding of threats, vulnerabilities, exploits, defences, security principles, and policies.
- Familiarity with security automation, including the creation and execution of alert response runbooks.
- Extensive hands-on experience with both open-source and commercial SIEM systems.
- Extensive expertise in the analysis of event and system logs, conducting packet and forensic analysis to support intrusion investigations
- Proficient knowledge of security best practices and key security technologies, including but not limited to: EDR, HIDS, WAF, DLP, NIDS, NIPS
- In-depth knowledge of Linux and Windows administration, including system authentication , patch deployment , system configuration and security controls
- Competence in using scripting languages such as Python or similar, PowerShell scripts, and bash for various security-related tasks.
