Carry out maintenance, support and operation of the project's security solution platforms.
Maintain understanding of the architecture and work with security team to understand the use case and playbooks to be created.
Identity, evaluate and recommend new areas of improvements for the implementation.
Perform day to day operational task, scheduled change requests, troubleshooting and maintenance of the implementation.
Develop and maintain automation for build and/or maintenance of security solutions
Managing of security solutions, including patch management such security solutions.
Support vulnerability assessments by reviewing and providing remediation to the security hardening of the security solutions.
Involvement in improving and evolving workflow, processes and best practices to increase system maintenance efficiency and security standards.
Sharing of knowledge through technical documentation, knowledge based articles and sharing sessions with fellow peers in the team.
Collaborate with relevant parties and provide consultation as a Subject Matter Expert (SME) to deliver final project outcome
Onboarding new log sources to SIEM solutions
Creating and maintaining log parsers/data flow for onboarded logs
Requirements
Experience in providing technical support and administration of the security solutions (SIEM, SOAR, Threat Intel Platform, log management platform etc)
Working experience in powershell, regex, bash and/or scripting
Strong troubleshooting and analytical skills for resolving issues
Basic project management skills
Positive working attitude and a team player
Passionate in information security and keen attitude to learn
Professional certificates such as SIEM Certified Administrator, SIEM Certified Architect, SOAR Certified Administrator, equivalent or more.
Professional training or certificates in Splunk, McAfee, Carbon Black, Anomali, RSA SecurID will be an added advantage
Disciplines in Computer Science, Computer or Electronics Engineering, Information Technology or related qualifications
