Tech Security Operation Blue Team

Provide expertise to help improve security domains (identify, detect, prevent, respond, and recover) of the organization.

Maintain security tools and processes for protection, monitoring, and remediation including SIEM, AV, EDR, IDS, IPS, EMail Security, and DLP.

Create, verify, and fine-tune security rules for automated detection and remediation.

Investigate security events and incidents; collect evidence and work across teams to isolate and/or remediate as necessary, document best practices found as a baseline for further improvements to avoid similar issues.

At least 2 years of experience as a cybersecurity field

Strong analytical skills with the ability to generate insight from statistics and to make strong assumptions based on gathered information.

Experience with threat hunting/detection and incident response.

Able to work with Windows and Linux/UNIX environments.

Proficient in scripting like Powershell or Python.

Always updated to the latest cybersecurity news, trends, and research.

Experience with working with SIEM will be plus.

Preferably has knowledge of Cloud platform (gcp & alibaba)

Active directory, Security of common third-party collaboration tools (example: Confluence, Slack, Jira)

Operating systems security (Windows/Linux/Mac) & Hardening

Has security Certification