- Work under the Incident Response Team as L2 handling cyber security incidents within the company’s subsidiaries around Southeast Asia. - Acted as Subject Matter Expert (SME) for security tools and assisted in creating SIEM and security tools monthly reports. - Assessed and implemented security tools, ensuring optimal configurations and alignment with best practices. - Processed and resolved tickets raised through BMC Helix and assisted L1 analysts in investigating incident alerts from SIEM. - Developed SIEM incident playbooks and security tools runbooks to enhance response processes. - Conducted project and application security assessments, including creating process documents for ISO 27001 accreditation. - Led security tools knowledge transfers, training sessions, and the escalation of Cyber Insurance Findings to recommend remediation procedures. - Performed bi-annual security tools user access reviews and supported the Compliance Team in addressing audit findings. - Processed and analyzed suspicious or phishing emails, validated EDR detections, and implemented necessary mitigations. - Collaborated with third parties on tool implementation and support, while escalating threat intelligence and zero-day vulnerabilities to respective teams for patching. - Participate and assist in network cloud migration. - Assist IT Project Managers to collate metrics and create monthly KPI reports.

더보기

- Monitoring of the NTT security tools to review and analyse security logs from client environments. - Generate continuous improvement ideas for supported security tools. - Work as part of a global Cyber team that works 24/7 on rotational shifts. - Work with internal stakeholders to enable more efficient detection, analysis and reporting. - Monitoring of the NTT security tools to review and analyse security logs from client environments. - Generate continuous improvement ideas for supported security tools/technologies.

더보기

- Cyber Threat Detection Officer (L1 Shift Lead, Probationary) - Work as part of Cyber Security Incident Response team that works 24/7 on rotational shifts. - Lead and train newly onboarded team members. - Conduct daily monitoring of security tool dashboards and validate generated offenses in SIEM to ensure accurate threat detection. - Review and analyze firewall policies and procedures; perform vulnerability assessments on servers to identify and mitigate risks. - Execute Level 1 and Level 2 incident response procedures, including malware analysis of suspicious files encountered within the network. - Prepare detailed incident reports aligned with company requirements, including categorized reportable incidents. - Facilitate team projects, such as in-house malware analysis training, and share threat intelligence with the Cyber Threat Intelligence Unit. - Attend industry seminars and conferences to evaluate new security tools and streamline team processes. - Assess suspicious emails, identify malicious Indicators of Compromise (IOCs), and request IOC blocking through security tools.

더보기