Cyber Security Analyst (Security Engineer)

Our team's mandate is to provide world-class service in Cyber Security as the leading Cyber Security service provider in Thailand and ASEAN Market. You will be joining TDG's Cyber Security team to protect our clients from cybercrime and support multifaceted countermeasures against cyber attacks by Threat Intelligence and remediation automation.

The Cyber Security Analyst provide 24x7 eyes-on-glass service; formed from a team of security analysts with some years of experience. The monitoring and identification tier are responsible for the real-time monitoring and identification of security incidents. Analysts staffed at Level 1 monitor the MDR Centre main channel event streams within the MDR Centre security information and event management (SIEM) platform and other MDR Centre tools. They identify suspicious activity, open an incident investigation and perform preliminary investigation to validate the incident. If the incident is determined to be more complex and requires more time and/or deeper expertise to analyse, the Tier 1 – Analyst will transfer the open investigation to Tier 2 for further analysis and escalation.

Key Responsibilities

• Performs real-time monitoring of security alerts generated by various MDR tools deployed by True Digital.
• Investigates potential security incidents under the guidance of playbooks and procedures.
• Analyses and assesses security alerts.
• Validates, classifies and opens security incident cases or escalates to Level 2 analysts.
• Serves as a primary contact point for reporting potential security incidents.
• Document security incidents as identified by the case management process.
• Provides feedback on enhancing the operations of the cyber security operations centre.
• Responds to security alerts generate within the SLA time window.

Recommended Qualifications

• Bachelor degree in science or engineering is preferable.
• Analytical and problem-solving skills are required.
• Some working knowledge in operating SIEM solutions.
• Knowledge and/or experience with common security tools such as anti-virus, intrusion detection and firewalls are required.
• Knowledge and/or experience with Microsoft Windows and Linux operating systems is required.
• Knowledge and/or experience with network protocols such as TCP/IP, Syslog, DNS and NetFlow is required.
• Experience in networking or application development is preferred
• Knowledge and/or experience with databases is preferred.
• Knowledge and/or experience with security vulnerability assessment tools is preferable.
• Good English communication, including conducting presentations and creating security incident reports, is required.
• Working experience in a MDR Centre, Security Operations Centre (SOC), Managed Security Service (MSS), or enterprise network environment.

OUR COMMITMENT TO YOU

We value our people and have the mission to attract and retain exceptional talent. We work in a truly agile environment where opinions are encouraged collaboration…. everyone has an opinion….opinions are valued…..and have no time for finger pointing and politics, instead we test & learn and celebrate successes as a team.

We will provide a training and coaching program to all our team members, tailored to your development needs and aspirations. This can cover a wide range of skills, like mastering new technologies, further developing your skills in presenting to a non-technical audience or supporting you to grow in a leadership position.

OUR OFFER

Employee Provident Fund – Annual Bonus - Annual health check-up - Medical Service @Workplace – Medical Expense Reimbursement - Health & Life Insurance - Fitness, Spa, Day care – Employee Privileges – Employee Loan - Education Loan - Scholarship for Employees' Children - Learning Center - Staff Activities - Smart Casual