13 Soc Engineer jobs in Vietnam
Information Security Analyst - Remote Monitoring
590000 Pleiku, Gia Lai
WhatJobs
Posted 2 days ago
Job Viewed
Job Description
Our client is seeking a skilled and vigilant Information Security Analyst to join their remote security operations center. This is a fully remote position, dedicated to protecting our client's digital assets and ensuring the confidentiality, integrity, and availability of their information systems. You will be responsible for monitoring security alerts, investigating potential threats, implementing security controls, and responding to incidents. The ideal candidate will have a strong understanding of cybersecurity principles, network security, and common attack vectors. Proficiency with security information and event management (SIEM) tools, intrusion detection systems (IDS/IPS), and endpoint detection and response (EDR) solutions is essential. This role requires a proactive approach to threat hunting, excellent analytical skills, and the ability to work effectively under pressure in a remote environment. You will collaborate with IT teams to enhance security posture and stay ahead of evolving threats. Your expertise will be critical in safeguarding sensitive data and maintaining compliance with security standards. Key responsibilities include:
Qualifications:
- Monitoring security alerts and events from various security systems (SIEM, IDS/IPS, EDR, firewalls).
- Investigating security incidents, identifying root causes, and recommending remediation actions.
- Performing vulnerability assessments and penetration testing.
- Implementing and managing security controls and best practices.
- Developing and maintaining security policies, procedures, and documentation.
- Responding to security incidents, including containment, eradication, and recovery.
- Conducting threat hunting activities to proactively identify and mitigate risks.
- Staying up-to-date with the latest cybersecurity threats, trends, and technologies.
- Educating employees on security awareness best practices.
- Ensuring compliance with relevant data protection regulations and standards.
Qualifications:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Minimum of 3 years of experience in information security or a related IT security role.
- Proficiency with SIEM, IDS/IPS, firewalls, and EDR tools.
- Strong understanding of network protocols, operating systems, and common security vulnerabilities.
- Experience with incident response and forensic analysis.
- Knowledge of security frameworks and compliance standards (e.g., ISO 27001, NIST).
- Excellent analytical and problem-solving skills.
- Strong written and verbal communication abilities.
- Ability to work independently and manage priorities effectively in a remote setting.
- Relevant security certifications such as CompTIA Security+, CISSP, CEH are a plus.
This advertiser has chosen not to accept applicants from your region.
0
Information Security Analyst - Threat Detection & Incident Response
000000 Thai Binh , Thai Binh
WhatJobs
Posted today
Job Viewed
Job Description
Our client is seeking a highly skilled Information Security Analyst specializing in threat detection and incident response to join their cybersecurity team in a fully remote capacity. This role is critical for protecting the organization's digital assets and ensuring the confidentiality, integrity, and availability of information systems. As a remote-first analyst, you will monitor security alerts, investigate potential threats, and lead the response to security incidents from your home office. Your responsibilities will include analyzing security logs from various sources (firewalls, intrusion detection systems, endpoint protection), identifying malicious activities, and performing forensic investigations to determine the scope and impact of security breaches. You will develop and refine incident response playbooks, execute containment strategies, and coordinate eradication and recovery efforts. The ideal candidate will possess a deep understanding of cybersecurity principles, threat landscapes, and incident handling methodologies. Experience with security information and event management (SIEM) tools, network security monitoring, and endpoint detection and response (EDR) solutions is essential. You will collaborate closely with IT operations, development teams, and legal departments during incident management. This role requires strong analytical and problem-solving skills, the ability to work under pressure, and excellent communication abilities to convey technical information clearly and concisely. Staying current with emerging threats, vulnerabilities, and security technologies is paramount. A Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field is required. Relevant certifications such as CompTIA Security+, CEH, or CISSP are highly valued. A minimum of 4 years of experience in information security, with a specific focus on threat detection and incident response, is mandatory. Proven experience in analyzing security alerts, conducting forensic investigations, and managing security incidents is required. Familiarity with scripting languages (e.g., Python, PowerShell) for automation is a significant advantage.
Responsibilities:
Responsibilities:
- Monitor security alerts and logs from various security tools (SIEM, IDS/IPS, EDR).
- Investigate potential security incidents and perform root cause analysis.
- Conduct digital forensics to understand the scope and impact of breaches.
- Develop and execute incident response plans and playbooks.
- Coordinate containment, eradication, and recovery efforts during security incidents.
- Analyze threat intelligence and proactively identify potential vulnerabilities.
- Collaborate with IT and other departments to implement security controls.
- Stay updated on the latest cybersecurity threats, vulnerabilities, and trends.
- Document incident details, actions taken, and lessons learned.
- Contribute to the improvement of security monitoring and incident response capabilities.
- Bachelor's degree in Computer Science, Cybersecurity, or IT.
- Minimum 4 years of experience in information security, focused on IR.
- Proficiency with SIEM, IDS/IPS, and EDR tools.
- Strong understanding of cybersecurity principles and threat landscapes.
- Experience with digital forensics and incident response methodologies.
- Excellent analytical, problem-solving, and communication skills.
- Relevant certifications (Security+, CEH, CISSP) are highly preferred.
- Ability to work independently and manage critical situations effectively.
This advertiser has chosen not to accept applicants from your region.
1
Security Operations Specialist
Hanoi, Hanoi
SmartDev
Posted today
Job Viewed
Job Description
Company Description
SmartDev is a leading provider of global software solution. SmartDev was established in 2014 and is a wholly owned subsidiary of Verysell Technologies Group (Switzerland).
SmartDev combines renowned Swiss quality with the Vietnamese passion to provide excellence and value. SmartDev brings together smart people both internally and externally to create partnerships that push boundaries and challenge the status quo.
**Job Description**:
- Ensure ICS solutions and infrastructure are designed, implemented, and managed in accordance with ICS policies, standards and baselines.
- Perform timely maintenance (e.g. patching) of the ICS solutions and infrastructure, including but not limited to Endpoint Detection and Response (EDR), web proxy, Data leakage Prevention (DLP) solutions.
- Support and troubleshoot issues on ICS solutions and infrastructure.
- Perform routine vulnerability scans on Audax enterprise network and track open vulnerability issues to closure within SLA.
- Handle user requests for ICS related exceptions, including but not limited to Data leakage prevention controls exceptions, web browsing exceptions.
- Oversee the user lifecycle management, including but not limited to user access provisioning, user access review, leaver management.
- Oversee firewall rules and/or network access control policies recertification process.
- Define and document processes for the in-scope security operations.
**Qualifications**:
- More than 5 years of security operations experience.
- Experience working with cloud native technologies and security products.
- Proven track record in user lifecycle management, vulnerability management and network security operations and review.
- Keen eye on identifying opportunities to improve on process efficiencies
- Strong problem solving, analytical skills and interpersonal skills.
- Strong communication skills -oral and written
**We are also looking for**:
- A hustler who is highly adaptable and able to perform in a fast-paced dynamic environment.
- A team player who champions ownership and upholds a collaborative work environment.
- An inquisitive learner who has the appetite for continuously improving and streamlining processes and the way we work.
Additional Information
BENEFITS:
- Good work environment and good colleague (parties, holidays, team building activities)
+ Competitive Salary
+ Commission
+ Other benefits to be discussed
- 20 annual leave days alongside Vietnamese public holidays
- Self-organize project team
- Work with high profile multinational companies
- PVI Premium Healthcare System
SmartDev is a leading provider of global software solution. SmartDev was established in 2014 and is a wholly owned subsidiary of Verysell Technologies Group (Switzerland).
SmartDev combines renowned Swiss quality with the Vietnamese passion to provide excellence and value. SmartDev brings together smart people both internally and externally to create partnerships that push boundaries and challenge the status quo.
**Job Description**:
- Ensure ICS solutions and infrastructure are designed, implemented, and managed in accordance with ICS policies, standards and baselines.
- Perform timely maintenance (e.g. patching) of the ICS solutions and infrastructure, including but not limited to Endpoint Detection and Response (EDR), web proxy, Data leakage Prevention (DLP) solutions.
- Support and troubleshoot issues on ICS solutions and infrastructure.
- Perform routine vulnerability scans on Audax enterprise network and track open vulnerability issues to closure within SLA.
- Handle user requests for ICS related exceptions, including but not limited to Data leakage prevention controls exceptions, web browsing exceptions.
- Oversee the user lifecycle management, including but not limited to user access provisioning, user access review, leaver management.
- Oversee firewall rules and/or network access control policies recertification process.
- Define and document processes for the in-scope security operations.
**Qualifications**:
- More than 5 years of security operations experience.
- Experience working with cloud native technologies and security products.
- Proven track record in user lifecycle management, vulnerability management and network security operations and review.
- Keen eye on identifying opportunities to improve on process efficiencies
- Strong problem solving, analytical skills and interpersonal skills.
- Strong communication skills -oral and written
**We are also looking for**:
- A hustler who is highly adaptable and able to perform in a fast-paced dynamic environment.
- A team player who champions ownership and upholds a collaborative work environment.
- An inquisitive learner who has the appetite for continuously improving and streamlining processes and the way we work.
Additional Information
BENEFITS:
- Good work environment and good colleague (parties, holidays, team building activities)
+ Competitive Salary
+ Commission
+ Other benefits to be discussed
- 20 annual leave days alongside Vietnamese public holidays
- Self-organize project team
- Work with high profile multinational companies
- PVI Premium Healthcare System
This advertiser has chosen not to accept applicants from your region.
2
Senior Security Operations Engineer
540000 An Thanh
WhatJobs
Posted today
Job Viewed
Job Description
Our client is a leader in cybersecurity solutions and is seeking an experienced Senior Security Operations Engineer to join their team. This role is crucial for maintaining and enhancing the security posture of our organization, focusing on the detection, prevention, and response to cyber threats. You will be responsible for managing security infrastructure, developing operational procedures, leading incident response efforts, and mentoring junior security analysts. The ideal candidate will possess extensive knowledge of security technologies, threat intelligence, and incident management frameworks. A strong understanding of network security, endpoint security, and cloud security is essential. You will work closely with IT operations, development teams, and business units to ensure comprehensive security coverage and compliance. Responsibilities include:
- Managing and optimizing security operations center (SOC) tools and technologies, including SIEM, IDS/IPS, EDR, and SOAR platforms.
- Developing and implementing security operational procedures and playbooks.
- Leading incident response activities, including investigation, containment, eradication, and recovery.
- Conducting threat hunting and proactively identifying potential security breaches.
- Analyzing security alerts and events to identify and respond to malicious activities.
- Performing vulnerability assessments and working with IT teams to remediate findings.
- Developing and maintaining security monitoring and alerting capabilities.
- Contributing to the continuous improvement of security operations processes and efficiency.
- Providing technical leadership and guidance to the security operations team.
- Staying current with emerging threats, vulnerabilities, and security technologies.
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
- Minimum of 5 years of experience in security operations, incident response, or a related cybersecurity role.
- Proven experience with SIEM, IDS/IPS, EDR, and other security monitoring tools.
- Strong understanding of TCP/IP, networking protocols, and operating systems (Windows, Linux).
- Experience with cloud security (AWS, Azure, GCP) is highly desirable.
- Knowledge of threat intelligence platforms and frameworks (e.g., MITRE ATT&CK).
- Excellent analytical, problem-solving, and critical thinking skills.
- Strong communication and collaboration abilities.
- Relevant certifications such as CISSP, GSEC, GCIH are a plus.
This advertiser has chosen not to accept applicants from your region.
3
Senior Security Operations Analyst
100000 An Cu, An Giang
WhatJobs
Posted 2 days ago
Job Viewed
Job Description
Our client, a rapidly growing cybersecurity firm, is looking for an experienced Senior Security Operations Analyst to bolster their threat detection and incident response capabilities. This role is fully remote, offering a flexible work environment for top talent. You will be at the forefront of safeguarding our client's digital assets and client data, monitoring security systems, analyzing threats, and coordinating responses to security incidents. Responsibilities include performing in-depth analysis of security alerts from various sources such as SIEM, IDS/IPS, and endpoint detection tools. You will develop and refine threat hunting methodologies, conduct forensic investigations, and provide timely and accurate reporting on security events and vulnerabilities. The ideal candidate will possess deep knowledge of cybersecurity principles, network protocols, and common attack vectors. Expertise in using security information and event management (SIEM) tools, EDR solutions, and malware analysis techniques is essential. You should have a proven ability to troubleshoot complex security issues and a strong understanding of incident response frameworks. Excellent communication and collaboration skills are required for working effectively with internal teams and external stakeholders in a remote capacity. We are seeking a proactive, analytical, and highly motivated professional with a passion for cybersecurity and a commitment to staying ahead of evolving threats. Join us to make a significant impact on protecting organizations in the digital realm, from wherever you work.
This advertiser has chosen not to accept applicants from your region.
4
Senior Security Operations Engineer
10000 An Cu, An Giang
WhatJobs
Posted 2 days ago
Job Viewed
Job Description
Our client is seeking a highly skilled Senior Security Operations Engineer to join their fully remote global security team. This role is critical in maintaining and enhancing the organization's security posture by managing and operating security tools and technologies. You will be responsible for the deployment, configuration, tuning, and monitoring of security solutions, including SIEM, SOAR, EDR, firewalls, and vulnerability management platforms. The ideal candidate will possess a deep understanding of security operations center (SOC) functions, threat detection, incident response, and security automation. Your expertise will be vital in developing and implementing efficient security workflows, automating repetitive tasks, and improving the overall effectiveness of the security operations. Responsibilities include proactive threat hunting, analyzing security alerts, and leading the response to security incidents. You will also be involved in architecting and implementing new security solutions to address evolving threats. The successful applicant will stay current with the latest cybersecurity trends, attack vectors, and defensive technologies. Strong scripting and automation skills (e.g., Python, PowerShell) are essential for developing custom tools and integrations. This position requires a detail-oriented, proactive professional with excellent problem-solving abilities and the capacity to work autonomously in a remote setting. The opportunity to protect critical digital assets and contribute to the resilience of a leading organization.
Responsibilities:
Responsibilities:
- Manage, configure, and maintain security operations tools and technologies (SIEM, SOAR, EDR, etc.).
- Monitor security alerts and events, performing initial triage and investigation.
- Develop and implement security automation scripts and workflows.
- Conduct threat hunting activities to proactively identify and neutralize threats.
- Lead the technical response to security incidents.
- Tune security detection rules and policies to reduce false positives and improve accuracy.
- Collaborate with other IT and security teams to implement security controls.
- Develop and maintain documentation for security tools and processes.
- Stay updated on emerging threats, vulnerabilities, and security technologies.
- Participate in security architecture reviews and recommend improvements.
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Minimum of 6 years of experience in security operations or a related cybersecurity role.
- Proven experience with SIEM, SOAR, EDR, and other security operations technologies.
- Strong understanding of networking protocols, operating systems, and cloud security concepts.
- Proficiency in scripting languages (e.g., Python, PowerShell) for automation.
- Experience in incident response and digital forensics.
- Excellent analytical and problem-solving skills.
- Strong communication and teamwork abilities.
- Relevant security certifications (e.g., GSEC, GCIA, CEH) are a plus.
- Ability to work independently and effectively manage tasks in a remote environment.
This advertiser has chosen not to accept applicants from your region.
5
Network Engineer/ Network Security Operations
Ho Chi Minh City
Dision Tech
Posted today
Job Viewed
Job Description
**Location**: Thu Duc City (District 2)
**Responsibility**
**- Firewall, Network and Router management**:
- Design, implement, configure, and maintain network infrastructure including routers, switches, firewalls, and other networking devices.
- Monitor and respond to security incidents, implementing preventive measures based on firewall logs.
- Implement and manage routing protocols to optimize and prevent potential security risks in network traffic. Monitor network traffic for signs of unauthorized access, malicious activity, or security breaches
- Configure and maintain firewall rules, VPN connections, and other network security devices to enforce security policies and protect against external threats.
- Troubleshoot and resolve routing issues to minimize downtime and enhance network reliability.
**- Vendor Technologies**:
- Possess in-depth knowledge and hands-on experience with at least 1 technology such as Cisco, Palo Alto, or Fortinet
- Demonstrate proficiency or willingness to learn in Cisco ACI for dynamic and automated network infrastructure.
**- Other**:Handle other tasks assigned by managers.
**Requirements**:
- Being a team player who can work effectively in an onsite, young, and dynamic team with a strong willingness to communicate, learn, and embrace challenges.
- Good English skills (both verbal and written)
- From 2 years of experience as a Network Engineer/ Network Security Engineer.
- Bachelor's or college degree in Computer Science, Information Technology, or a related field.
- Strong understanding of networking protocols, TCP/IP, and network architecture.
- Experience with security assessment tools, such as vulnerability scanners, penetration testing tools, and packet analyzers.
- Experience with Cisco ACI for policy-based networking and automation is preferred
- Proficient in firewall management with expertise in at least 1 technology: Cisco, Palo Alto, or Fortinet solutions.
- Strong understanding of network protocols, routing, and security best practices.
- Excellent analytical and troubleshooting skills.
- **Nice to have**_
- At least one of the Industry certifications such as CCNA, CCNP, PCNSA/PCNSE, or Fortinet NSE are highly desirable.
- Familiarity with automation tools (Terraform, Ansible) is a plus.
**What We Offer**:
- A dynamic work environment where you will have the opportunity to contribute to projects in the cybersecurity field.
- The chance to work closely with the CTO and CEO, improving your English language skills.
- Opportunities for continuous learning and professional development.
**Benefits**
- Competitive salary, negotiable based on skills and experience.
- Opportunity to join a fast-growing, dynamic, and global company.
- 13th and 14th-month salary, plus performance-based bonuses.
- Over 14 days of annual leave
- Access to social insurance, health insurance, and unemployment insurance upon signing an official labor contract.
- Investment in professional tech training.
- Annually teambuilding activities
- Free parking and on-site food and coffee.
- Work hours: Monday to Friday, 9:00 am - 6:00 pm.
**or contact Zalo**:
Loại hình công việc: Toàn thời gian
**Responsibility**
**- Firewall, Network and Router management**:
- Design, implement, configure, and maintain network infrastructure including routers, switches, firewalls, and other networking devices.
- Monitor and respond to security incidents, implementing preventive measures based on firewall logs.
- Implement and manage routing protocols to optimize and prevent potential security risks in network traffic. Monitor network traffic for signs of unauthorized access, malicious activity, or security breaches
- Configure and maintain firewall rules, VPN connections, and other network security devices to enforce security policies and protect against external threats.
- Troubleshoot and resolve routing issues to minimize downtime and enhance network reliability.
**- Vendor Technologies**:
- Possess in-depth knowledge and hands-on experience with at least 1 technology such as Cisco, Palo Alto, or Fortinet
- Demonstrate proficiency or willingness to learn in Cisco ACI for dynamic and automated network infrastructure.
**- Other**:Handle other tasks assigned by managers.
**Requirements**:
- Being a team player who can work effectively in an onsite, young, and dynamic team with a strong willingness to communicate, learn, and embrace challenges.
- Good English skills (both verbal and written)
- From 2 years of experience as a Network Engineer/ Network Security Engineer.
- Bachelor's or college degree in Computer Science, Information Technology, or a related field.
- Strong understanding of networking protocols, TCP/IP, and network architecture.
- Experience with security assessment tools, such as vulnerability scanners, penetration testing tools, and packet analyzers.
- Experience with Cisco ACI for policy-based networking and automation is preferred
- Proficient in firewall management with expertise in at least 1 technology: Cisco, Palo Alto, or Fortinet solutions.
- Strong understanding of network protocols, routing, and security best practices.
- Excellent analytical and troubleshooting skills.
- **Nice to have**_
- At least one of the Industry certifications such as CCNA, CCNP, PCNSA/PCNSE, or Fortinet NSE are highly desirable.
- Familiarity with automation tools (Terraform, Ansible) is a plus.
**What We Offer**:
- A dynamic work environment where you will have the opportunity to contribute to projects in the cybersecurity field.
- The chance to work closely with the CTO and CEO, improving your English language skills.
- Opportunities for continuous learning and professional development.
**Benefits**
- Competitive salary, negotiable based on skills and experience.
- Opportunity to join a fast-growing, dynamic, and global company.
- 13th and 14th-month salary, plus performance-based bonuses.
- Over 14 days of annual leave
- Access to social insurance, health insurance, and unemployment insurance upon signing an official labor contract.
- Investment in professional tech training.
- Annually teambuilding activities
- Free parking and on-site food and coffee.
- Work hours: Monday to Friday, 9:00 am - 6:00 pm.
**or contact Zalo**:
Loại hình công việc: Toàn thời gian
This advertiser has chosen not to accept applicants from your region.
Be The First To Know
About the latest Soc engineer Jobs in Vietnam !
6
Lead Security Operations Center (SOC) Analyst
91000 Rach Gia, Kien Giang
WhatJobs
Posted 1 day ago
Job Viewed
Job Description
Our client is seeking a highly skilled and experienced Lead Security Operations Center (SOC) Analyst to join their fully remote cybersecurity team. This pivotal role involves overseeing the daily operations of the SOC, ensuring the timely detection, analysis, and response to security threats and incidents. You will be responsible for leading a team of SOC analysts, providing technical guidance, mentorship, and operational oversight to maintain a robust security posture for our organization.
Key responsibilities include developing and refining incident response procedures, managing security information and event management (SIEM) systems, and utilizing various security tools and technologies for threat hunting and forensic analysis. You will analyze security alerts, investigate potential breaches, and coordinate mitigation efforts. The Lead SOC Analyst will also play a crucial role in threat intelligence gathering and dissemination, staying abreast of the latest cyber threats, vulnerabilities, and attack vectors.
We are looking for a candidate with a Bachelor's degree in Computer Science, Information Security, or a related field, coupled with at least 5-7 years of experience in SOC operations and incident response. Professional certifications such as CISSP, GCIA, GCIH, or CEH are highly desirable. Strong knowledge of network protocols, operating systems, and common attack methodologies (e.g., phishing, malware, DDoS) is essential. Experience with scripting languages (Python, PowerShell) for automation and experience with cloud security principles are also important. The ideal candidate possesses excellent analytical and problem-solving skills, strong leadership qualities, and the ability to effectively communicate complex security issues to various stakeholders. This remote position demands a proactive mindset, meticulous attention to detail, and the capability to manage critical security incidents under pressure.
Key responsibilities include developing and refining incident response procedures, managing security information and event management (SIEM) systems, and utilizing various security tools and technologies for threat hunting and forensic analysis. You will analyze security alerts, investigate potential breaches, and coordinate mitigation efforts. The Lead SOC Analyst will also play a crucial role in threat intelligence gathering and dissemination, staying abreast of the latest cyber threats, vulnerabilities, and attack vectors.
We are looking for a candidate with a Bachelor's degree in Computer Science, Information Security, or a related field, coupled with at least 5-7 years of experience in SOC operations and incident response. Professional certifications such as CISSP, GCIA, GCIH, or CEH are highly desirable. Strong knowledge of network protocols, operating systems, and common attack methodologies (e.g., phishing, malware, DDoS) is essential. Experience with scripting languages (Python, PowerShell) for automation and experience with cloud security principles are also important. The ideal candidate possesses excellent analytical and problem-solving skills, strong leadership qualities, and the ability to effectively communicate complex security issues to various stakeholders. This remote position demands a proactive mindset, meticulous attention to detail, and the capability to manage critical security incidents under pressure.
This advertiser has chosen not to accept applicants from your region.
7
Senior Security Operations Center (SOC) Analyst
45000 Nam Dinh , Nam Dinh
WhatJobs
Posted 1 day ago
Job Viewed
Job Description
Our client, a leading cybersecurity firm, is seeking a highly skilled Senior Security Operations Center (SOC) Analyst to join their advanced threat detection team. This is a critical role in safeguarding our client's digital assets and responding to cyber threats in real-time. The ideal candidate will possess deep expertise in security monitoring, incident response, and threat intelligence. This role is fully remote, providing an excellent opportunity for experienced security professionals to contribute from anywhere.
Responsibilities:
Responsibilities:
- Monitor security alerts from various sources, including SIEM, IDS/IPS, EDR, and threat intelligence platforms.
- Analyze security events to identify potential threats, breaches, and vulnerabilities.
- Investigate and respond to security incidents, including containment, eradication, and recovery efforts.
- Develop and refine incident response playbooks and procedures.
- Perform deep-dive forensic analysis on compromised systems to understand attack vectors and impact.
- Proactively hunt for threats within the network environment using advanced detection techniques.
- Analyze threat intelligence feeds and indicators of compromise (IOCs) to enhance security posture.
- Configure and tune security tools and technologies to optimize detection capabilities.
- Generate detailed reports on security incidents, findings, and recommendations.
- Collaborate with internal teams and external partners during incident response activities.
- Stay current with the latest cybersecurity threats, attack techniques, and defensive measures.
- Provide mentorship and guidance to junior SOC analysts.
- Contribute to the continuous improvement of SOC processes and tools.
- Develop and maintain documentation for security policies, procedures, and configurations.
- Participate in on-call rotations for critical incident response.
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
- Minimum of 5 years of experience in a Security Operations Center (SOC) environment or incident response role.
- Proven experience with SIEM tools (e.g., Splunk, QRadar, LogRhythm) and security analytics.
- In-depth knowledge of various cybersecurity threats, vulnerabilities, and attack methodologies.
- Hands-on experience with incident response, digital forensics, and malware analysis.
- Familiarity with network security protocols, tools (e.g., Wireshark, tcpdump), and concepts.
- Experience with endpoint detection and response (EDR) solutions.
- Strong understanding of threat intelligence principles and platforms.
- Relevant certifications such as CISSP, GIAC (GCIH, GCFA), or CompTIA Security+ are highly desirable.
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills, with the ability to articulate technical details clearly.
- Ability to work independently and manage multiple priorities in a fast-paced environment.
- Experience with scripting languages (e.g., Python, PowerShell) for automation is a plus.
- Proficiency in a second language is advantageous but not required.
This advertiser has chosen not to accept applicants from your region.
8
Senior Security Operations Center (SOC) Analyst (Remote)
900000 Can Tho , Can Tho
WhatJobs
Posted 2 days ago
Job Viewed
Job Description
Our client is seeking a highly skilled and experienced Senior Security Operations Center (SOC) Analyst to join their global security team. This is a fully remote position, offering the opportunity to work from anywhere. In this critical role, you will be responsible for the continuous monitoring of security alerts, detection of potential threats, and timely response to security incidents. You will play a vital part in protecting the organization's network infrastructure and sensitive data from cyber threats. The ideal candidate possesses extensive knowledge of security technologies, threat landscapes, and incident response protocols. Your responsibilities will include analyzing complex security events, performing forensic analysis of security incidents, developing and optimizing SOC playbooks, and contributing to the continuous improvement of security monitoring capabilities. You will collaborate with other security teams, including threat intelligence and incident response, to ensure comprehensive protection. This position demands exceptional analytical and problem-solving skills, a proactive approach to security, and the ability to work effectively under pressure in a 24/7 operational environment. Excellent communication skills are essential for reporting findings and coordinating incident response efforts. The successful candidate will be passionate about cybersecurity, committed to staying ahead of emerging threats, and eager to contribute to a world-class SOC team. A strong understanding of SIEM, IDS/IPS, endpoint detection and response (EDR) tools, and various security frameworks is crucial.
Key Responsibilities:
Key Responsibilities:
- Monitor security alerts and events from SIEM, IDS/IPS, and other security tools.
- Detect, analyze, and respond to security incidents and threats.
- Perform deep-dive investigations into suspicious activities and potential breaches.
- Develop and refine SOC playbooks and standard operating procedures.
- Conduct forensic analysis of security incidents.
- Analyze threat intelligence and correlate it with security events.
- Contribute to the continuous improvement of SOC tools and processes.
- Collaborate with incident response and threat intelligence teams.
- Document incident details, actions taken, and lessons learned.
- Mentor and guide junior SOC analysts.
- Bachelor's degree in Cybersecurity, Computer Science, or a related field.
- Minimum of 5-7 years of experience working in a Security Operations Center (SOC) environment.
- In-depth knowledge of cybersecurity principles, threats, and attack vectors.
- Proficiency with SIEM platforms (e.g., Splunk, QRadar, LogRhythm).
- Experience with IDS/IPS, EDR solutions, and network traffic analysis.
- Strong understanding of incident response methodologies and frameworks.
- Excellent analytical and critical thinking skills.
- Effective communication and documentation skills.
- Relevant certifications such as GIAC, CISSP, or CCSP are highly advantageous.
- Proven ability to work autonomously and as part of a remote team.
This advertiser has chosen not to accept applicants from your region.
9