Posted: Oct 05, 2021
Posted: Oct 05, 2021
Skills: IT - Analysis & Management, IT - Sys Admin & Support
Experience: 5 + Years
Education: Bachelors/3-5 yr Degree
INFORMATION & COMMUNICATION TECHNOLOGY
CYBER ATTACK MONITORING ANALYST (IT SECURITY)
Primary Purpose of Job
Responsible for monitoring, analysing and responding to information and operational security alerts triggered by QP Cyber Defence Platforms and Threat intelligence feeds. Primary responsibilities detect anomaly and potential security threats, filtering false positive alerts, determine if a critical system or data set has been impacted; provides technical analysis; provides recommendations on contamination and remediation; and escalates incidents when deep technical analyses required. Will use variety of tools to analyse and investigate incidents and take immediate action or recommend a course of action to safeguard QP.
Bachelor degree in information security, computer science, or systems engineering.
Experience & Skills
5+ years of experience working in a large-scale IT environment with focus on Information Security, and knowledge of Operational Technology. • 1-3 years previous Security Operations Centre Experience in conducting security monitoring or investigations. • Demonstrated ability to analyse, triage and remediate security incidents and strong understanding of security incident management, malware management processes. • Good knowledge of IT including multiple operating systems and system administration skills (Windows, Unix) • Good knowledge SIEM, SOAR, FW, Sandboxing, VPNs, and enterprise level cyber security products. • Understanding on the latest current cyber security intrusions, attacks, hacking techniques, vulnerability disclosures, data breach incidents and security analysis techniques is a big plus. • Good understanding on cloud, client-server applications, multi-tier web applications, relational databases. • Good awareness of IT Support processes, such as COBIT, ITIL. • Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols. • Knowledge on security best practices and concepts Vulnerability Assessment & Penetration Testing, and OT security best practices is a plus. • Possession of Industry Certifications (GCIA, SANS, ICS2, EC-Council, other relevant cyber security technical certifications). • Good understanding of Security frameworks and techniques.