Location Shanghai
Salary 1000000-1500000CNY
Industry
Job functions
Job number 10457

Company overview

Global internet company

Job description

Key Responsibilities:
• Establish and improve operational procedures and security policy to mature SOC operations
• New log source onboarding, health checks, and resources (i.e. EPS) for efficient operation of SIEM equipment
• Assist in operating SOC environment or infra (SIEM, IPS, FW, AWS, etc)
• Assist in managing SOC tasks (project management, error management, etc)
• Defend systems against unauthorized access, modification and/or destruction
• Respond immediately to security incidents and provide post-incident analysis
• Design and conduct security audits to ensure operational security
• Security assessment of new solutions from the SOC perspective
• Research and recommend security controls
• Provide technical advice to colleagues across different business units
Basic Qualifications:
• 7+ years as a security engineer, with at least one year as part of a SOC or supporting a SOC/SIEM infrastructure as an engineer
• Understanding of the incident response process and enterprise information security fundamentals
• Awareness about security products and technologies, and networking protocols
• Knowledge of configuration of IT security appliances such as firewalls, IDS, IPS, FW, EDR and SIEMs
• Knowledge of security operations analysis, detection and response tools including but not limited to SIEM, IDS/IPS, EDR
• Knowledge of Linux systems and log types (application logs, system logs, etc.)
• Ability to program and script to achieve the following: API interactions, automation, data parsing and cleanup
• Ability to programmatically interact with APIs in security tools and platforms
• Strong process management background with a keen interest in continuous improvement
• Desire to learn new skills and improve current skills to deliver optimal services to the SOC
• Conceptual understanding of cloud computing
• Experienced in working in a public cloud environment preferred
• Ability to interact with security analysts in order to derive requirements and convert those requirements into deliverables
• Self-motivated
• Ability to be flexible and work during non-business hours (to support a global team in different timezones)
Preferred Qualifications:
• Certified in one or more of the following preferred: CISSP, CISA, CCNA, CISM, SANS GIAC
• Knowledge of cloud service practices and principles (e.g. AWS, Azure)
• Development experience in Web Services (HTTP, HTML, AWS, REST, SOAP, Atom)
• Development experience in automation and scripting (Linux shell, Python, Perl, PowerShell)
• Experience in developing using Log Search (ELK, Splunk), TSDB (Time series DB)
• Knowledge of DevOps and Agile practices and principles
• Working knowledge of the current cyber threat landscape
• Understanding of major threats and threat actors and their relevance to the eCommerce industry

You are about to apply to the following job: Principal Security Engineer-SOC. Applying for a job is not a commitment; it gives us the authorization to show your CV to the employer.
