Responsibilities of a Global Cyber Security Operations:
- Managing the Global Security Operations Center (SOC), including daily operations, processes, operations quality, and team resources.
- Responsible for incident and vulnerability management and lifecycle management from start to finish.
- Responsible for thorough and professional analysis of detected incidents, vulnerabilities, and other unusual events and providing professional advice for improvement.
- Responsible for Identity and Access Management (IAM) and Firewall rule operations, including but not limited to application request handling, firewall rule review and approval, and process design and automation.
- In charge of penetration testing and red/blue team exercises, including planning, execution, and analysis.
- In charge of incident investigation and forensic analysis.
Requirements of a Global Cyber Security Operations:
- Proven leadership in a lean team
- Proven technical expertise in global security operations and SOC management
- Proven solid technical skills in managing tools for threat intelligence, threat hunting, detection, response, IAM, firewall, and vulnerability management, including but not limited to IPS, EDR, UEBA, SIEM, and SOAR
- Understanding of incident investigation and forensics
- Understanding and experience with the NIST Cybersecurity Framework (CSF)
- MITRE ATT&CK and Cyber Kill Chain knowledge and experience
- Certified Information Systems Security Professional (CISSP) or equivalent
- Ability to communicate in Mandarin