Technical IT Security Specialist / SOC Manager / Operator

This job has expired.
Salary : $540000 - $900000
Location : Central and Western District
Post Date :

Description :

A French investment bank is looking for IT security professionals focusing on five major areas:

  • SIEM
  • Intrusion Prevention / Detection
  • Forensics
  • Daily support in Security Operations Centre
  • Cyberattacks

The candidate will have four main duties:

1) Analyst:

- Develop new log analysis and correlation rules, and maintain existing rules and the components of the SIEM alerting GUI (dashboards, alerting, etc.)

- Create search algorithms

- Investigation and statistical analysis

- First-level diagnosis of malicious code (in a sandbox or manually)

- Understand new vulnerabilities and how they are exploited; advise on remediation and follow it up with the IT team concerned

- Understand how new cyberattacks can target the bank

- Find relevant IOC (indicator of compromise) sources to feed the security monitoring tools

- Create or find patterns in order to anticipate and detect new attacks

- Static and dynamic analysis of malicious code and malicious documents
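The correlation-rule and pattern-detection duties above are the kind of logic an analyst usually prototypes by hand before it becomes a scheduled SIEM search. The following is an added example, not part of the job posting or the bank's tooling: a small Python correlation rule run over constructed sshd-style log lines (the sample data is invented here) that flags a source IP which accumulates a threshold of failed logins inside a sliding time window and then gets an accepted login. The log format, regex, field names, threshold and window are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (invented for this example, not from any real system).
SAMPLE_LOGS = """\
2024-03-01T09:00:01Z host1 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
2024-03-01T09:00:03Z host1 sshd[1202]: Failed password for root from 203.0.113.7 port 51023 ssh2
2024-03-01T09:00:05Z host1 sshd[1203]: Failed password for root from 203.0.113.7 port 51024 ssh2
2024-03-01T09:00:07Z host1 sshd[1204]: Failed password for root from 203.0.113.7 port 51025 ssh2
2024-03-01T09:00:09Z host1 sshd[1205]: Failed password for root from 203.0.113.7 port 51026 ssh2
2024-03-01T09:00:12Z host1 sshd[1206]: Accepted password for root from 203.0.113.7 port 51027 ssh2
2024-03-01T09:01:00Z host1 sshd[1207]: Failed password for alice from 198.51.100.9 port 40000 ssh2
2024-03-01T09:01:30Z host1 sshd[1208]: Accepted password for alice from 198.51.100.9 port 40001 ssh2
2024-03-01T09:30:00Z host1 sshd[1209]: Failed password for bob from 192.0.2.5 port 30000 ssh2
2024-03-01T09:30:01Z host1 sshd[1210]: Failed password for bob from 192.0.2.5 port 30001 ssh2
2024-03-01T09:30:02Z host1 sshd[1211]: Failed password for bob from 192.0.2.5 port 30002 ssh2
2024-03-01T09:30:03Z host1 sshd[1212]: Failed password for bob from 192.0.2.5 port 30003 ssh2
2024-03-01T09:30:04Z host1 sshd[1213]: Failed password for bob from 192.0.2.5 port 30004 ssh2
2024-03-01T09:45:00Z host1 sshd[1214]: Accepted password for bob from 192.0.2.5 port 30005 ssh2
"""

# Assumed line format: ISO timestamp, host, sshd[pid], outcome, optional "invalid user", user, source IP.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[(?P<pid>\d+)\]: "
    r"(?P<outcome>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$"
)


def parse(line):
    """Extract the fields a correlation rule needs; return None for lines that do not match."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    event = m.groupdict()
    event["ts"] = datetime.strptime(event["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return event


def correlate(lines, threshold=5, window=timedelta(minutes=5)):
    """Brute-force-then-success rule (threshold and window are assumed values).

    Alert when one source IP has at least `threshold` failed logins inside `window`
    and the next event from that source within the same window is an accepted login.
    """
    failures = defaultdict(deque)  # src IP -> timestamps of recent failures
    alerts = []
    for line in lines:
        ev = parse(line)
        if ev is None:
            continue  # unparsable line: a real rule would count these separately
        recent = failures[ev["src"]]
        # Slide the window: drop failures older than `window` relative to this event.
        while recent and ev["ts"] - recent[0] > window:
            recent.popleft()
        if ev["outcome"] == "Failed":
            recent.append(ev["ts"])
        elif len(recent) >= threshold:
            alerts.append({
                "src": ev["src"],
                "user": ev["user"],
                "host": ev["host"],
                "failures": len(recent),
                "first_failure": recent[0].isoformat(),
                "success_at": ev["ts"].isoformat(),
            })
            recent.clear()  # one alert per burst
    return alerts


if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOGS.splitlines()):
        print(alert)
```

The sliding window is what separates this from a naive count: the third source in the sample also has five failures, but its successful login arrives fifteen minutes later, outside the window, so it is not alerted on. In a SIEM such as Splunk the same fields (outcome, user, src) would be extracted with an equivalent regex and the window applied by a scheduled search rather than in Python.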

2) Incident handling:

- Day-to-day SOC operations: create and handle tickets (ServiceNow/SecOps).

- Qualify security incidents and determine the scope of compromised data or components.

- Advise and assist IT on cyber security investigations

- Provide expertise to other security teams on configuration, remediation, solutions and architecture evolution

3) Forensics:

- Collect technical data and determine the severity of security incidents

- Forensics on the compromised system:

  • Disk image

  • Memory dump

  • Event logs and system traces

  • Network and application

4) Training :

- Share knowledge and skills with ITS and the SOC by organising training sessions and writing documentation

- Self-training to build expertise in:

- Forensic techniques and tools

- Exploitation of vulnerabilities

- Methods and analysis tools (surveys, training, international conferences, …)

The candidate must be able to operate the security equipment used in the bank and must know the existing architectures.

Where necessary, they must be able to change and adapt security equipment configurations, and must therefore understand the operational risks and be able to evaluate the impact of their actions.


Requirements :

- Bachelor's degree in Computer Science, IT Security or a related field

- At least 5 years of related experience

- Knowledge of one or more of the following programming and scripting languages: Python, JavaScript, C, C++, assembler, shell

- Knowledge of SIEM solutions; experience with Splunk search syntax and regular expressions

- Experience with operating systems: Unix, Linux, Windows, Android/iOS

- Proficient in system security vulnerabilities and remediation techniques, including how system processes work

- Proficient in network protocols: TCP/IP, routing, IPsec and VPN

- Good knowledge of the weaknesses and vulnerabilities of Internet application protocols: HTTP[S], SMTP, DNS, NTP, LDAP, SIP, SMB (Samba), SSH, etc.; Internet architecture definition

- Proficient in vulnerability analysis and assessment tools

- Penetration testing methods and tools, especially web exploits (SQL injection, XSS/CSRF, etc.)

- Standard application security configuration and hardening (web servers, mail, database, DNS, proxy, firewall, etc.)

- Knowledge of static and dynamic analysis tools (OllyDbg, WinDbg, Immunity Debugger, x64dbg, IDA)


Hong Kong

21st Floor, Nexxus Building,
41 Connaught Road,
Hong Kong
Phone : +852 3653 7300
