Job Description

:

Role Proficiency: * Work on a specific project or specific set of tasks under close supervision by supervisors from respective functional area

Outcomes:

Measures of Outcomes: * Adherence to agreed upon goals for interenship

• Adherence to Schedule
• Quality of work - Feedback from supervisor
• Process adherence of new ideas proposed and taken ahead

Outputs Expected:

Skill Examples: * Excellent interpersonal and written and oral communication skills

• Ability to work with diverse groups and work as a team with others
• Highly organized and detail-oriented
• Ability to set goals and create plans for execution

Knowledge Examples: * Ability to adapt to new work environment

• Familiar with Microsoft Suite

Additional Comments:

The Security Operations Group of CyberProof consists of a global team of highly talented people. With 100+ highly experienced, certified cyber security experts, researchers and analysts, majority of our tier 3-4 expertise comes from Israeli Intelligence. This group strategize, develop and execute all cyber security activities locally and globally. Individuals and teams in this group work closely with client cyber security team and customer CISOs, CIO\'s and/or senior business management on business & cyber security strategies and solutions. Organization and Reporting Report to SOC Manager ? Resolve, escalate, report, and raise recommendations for resolving and remediating security incidents ? Handle the advanced monitoring of system logs, SIEM tools, and network traffic for unusual or suspicious activity ? Set up SIEM solutions and troubleshoot connectivity issues ? Investigate and resolve security violations by providing post-mortem analysis to illuminate issues and possible solutions ? Collate security incident and event data to produce monthly exception and management reports ? Report unresolved network security exposure, misuse of resources, or noncompliance situations using defined escalation processes ? Assist and train team members in the use of security tools, the preparation of security reports, and the resolution of security issues ? Develop and maintain documentation for security systems and procedures ? Recommend, schedule, and apply fixes, security patches, and any other measures required, in the event of a security breach Triage incidents during APAC hours a. handling of email cases (phishing or any emails user reported) b. malware cases mainly from Tanium EDR and Cortex XDR c. mailbox monitoring (users will write to inquire and/or report cyber incidents via mailbox) d. on call during work hours ( Group users may call the hotline to inform on any incidents) Collaborate with other regions or people from other teams (threat intel, forensics, legal...) for major incidents. Plan and schedule for public holiday coverage and/or other coverage requested by managers of other regions. Customer POC in terms of resource assignments for continued delivery in Singapore. Responsible for client interactions and creating documentation / Playbooks for the customer Experience & Qualifications Required ? Minimum 3+ years of experience as a Senior Analyst working as part of a SOC team ? Experience with SIEM vendors such as QRadar, ArcSight, RSA, and LogRhythm ? Experience in incident response, and in writing procedures runbooks and playbooks ? Ability to work with customer\'s IT and security teams

UST Global