[ref. c7813421] Security Operations Specialist
Job Description
We Are

YouTrip is at the forefront of Asia's financial revolution, defining the future of digital finance with its leading multi-currency payment platform. Launched in 2018, YouTrip has swiftly ascended as a powerhouse, orchestrating billions in transactions annually and securing the trust of millions. With innovative solutions like YouTrip for consumers and YouBiz for businesses, we offer unmatched financial ease and cost-effectiveness. Fresh off a successful US$50 million Series B funding round led by Lightspeed Venture, we're setting new benchmarks in the digital financial services sector.

At the heart of our mission is a commitment to eliminate financial borders across Asia, propelling us into the next wave of digital finance.

Job Description: Security Operations Specialist

We're looking for a Security Operations Specialist to join our team. The candidate is part of the First Line of Defense (FLOD) and shall be responsible for supporting the group's Security Operations Centre. The candidate shall be responsible for identifying, assessing, and mitigating security risks associated with our fintech operations, and for supporting ongoing security monitoring efforts. You will work closely with cross-functional teams to implement and enhance security measures, ensuring compliance with industry standards and regulatory requirements. The ideal candidate has a strong background in cybersecurity operations and a deep understanding of the unique challenges in the FinTech or financial industry space.
Key Responsibilities

- Capture and analyze security event logs from various sources, including servers, network devices, applications, and cloud platforms, to extract actionable security insights and identify security gaps.
- Develop, build, and refine detection rules and correlation logic to enhance the accuracy and efficiency of security monitoring, leveraging industry frameworks like MITRE ATT&CK and the Cyber Kill Chain.
- Design and implement tools to orchestrate and automate security monitoring, leveraging SOAR platforms and scripting (e.g., Python, PowerShell) to streamline repetitive tasks.
- Build and maintain security incident response playbooks and create meaningful reporting metrics to track the effectiveness and efficiency of SOC activities.
- Assist with the Data Loss Prevention efforts.
- Assist with investigations of security events and incidents, collaborating with incident response teams to mitigate risks and prevent future incidents.
- Investigate and respond to security incidents using findings from log analysis, promptly addressing threats and vulnerabilities in collaboration with the response team.
- Contribute to incident response sessions, participating in root cause analysis, lessons learned, and helping to implement improvements to enhance incident detection and prevention strategies.
- Coordinate with external DFIR vendors to conduct in-depth forensic analysis and manage complex security incidents, ensuring effective collaboration and resolution.
- Collaborate with AWS & GCP administrators and engineers to address identified vulnerabilities and ensure security in a dynamic, cloud-based environment.
- Develop cutting-edge detection content using advanced security frameworks and techniques, ensuring alignment with the latest industry innovations and trends.
- Ensure adherence to industry best practices, local and global regulatory requirements, and the company's strategic objectives in cybersecurity.
- Work closely with key stakeholders to identify, respond to, and remediate information security issues across the organization.
- Support internal and external audits.
- Contribute ideas and solutions to a fast-paced, evolving team focused on operational excellence and the continuous improvement of SOC processes.
- Contribute to the ongoing maturity of the Security Operations team, helping to shape SOC strategies and enhance the overall effectiveness of security operations.

Requirements:

- Bachelor's degree in Cybersecurity, Computer Science or Information Technology.
- Experience with SIEM tools (e.g., Splunk, QRadar, LogRhythm, or similar).
- Hands-on experience with log management and analysis tools (e.g., OpenSearch, LogRhythm, Graylog).
- Strong understanding of cloud security best practices and AWS security services (e.g., AWS Security Hub, AWS Config, AWS CloudTrail, AWS GuardDuty).
- Proficiency in scripting languages (e.g., Python, PowerShell) and automation tools (e.g., SOAR).
- Strong understanding of security frameworks, including MITRE ATT&CK, Cyber Kill Chain, and NIST.
- Experience with cloud security and familiarity with AWS & GCP environments.
- Excellent communication and collaboration skills, with the ability to work cross-functionally.
- Industry certifications (e.g., CISSP, CEH, GCIH) are a plus.
- 6-10 years of experience with SIEM or in-depth operational experience in a SOC function, with strong familiarity with metrics, tools, and processes.