Tech
Security Engineer (Second)
Description
1. Experience in security operations (Both on-prem and cloud)
- Perform regular vulnerability scanning and reporting
- Perform vulnerability remediation
- Perform regular patching
- Work with 3rd party SOC for alerting
2. Experience in application security
- Knowledge on application code review
- Support development team on penetration test and application scanning process
3. Support security mitigation during software development
- Experience in security products/solutions evaluations
- All kind of project Implementation on security area
Requirement
1. At least 3 years in 2nd line support of security operations
Concept of threat and vulnerability operations
Use SCCM to manage both workstation and server patching and reporting
Use Rapid7 for vulnerability management
Use Microsoft Defender for endpoint security
Follow up SOC alert – incident response and remediation
Concept of solution lifecycle management and follow up (e.g. remediate on EOL services/equipment)
2. Basic cloud knowledge (Both Azure and AWS) and data management tools knowledge(e.g. AIP, Broaden James...etc.)
3. Basic knowledge in identity & access management.
4. Intermediate on security concept PKI Authentication (SSO, MFA…etc.)
5. Nice to have some security certificates (e.g. CEH, CISA, CISSP, CCSP….etc.)
