Block.one is a software publisher specializing in high performance blockchain technologies. Its first project, EOSIO, an open-source blockchain protocol designed to enable secure data transfer and high-performance decentralized applications, has received global recognition as the first performant blockchain platform for developers, following its introduction in May 2017.
Through its affiliate, Block.one Hong Kong provides software development and consultancy services through its office in Central, Hong Kong. We are continuing to look for global and local talent to join us in Hong Kong to offer creative solutions based on the latest technological innovations and trends.
To support our expansion, we require an experienced Lead Security Operations Analyst to support our Cybersecurity Team. As a Lead Security Operations Analyst with Block.one, you will be part of a team tasked with providing security services for the company, its products and its customers. In this role, in addition to having the expertise to perform the duties and tasks of a Security Analyst, you will be expected to perform the responsibilities outlined below.
- Lead a Team of Security Operations Analysts.
- Act as an Incident Response point of contact for Sr. Management.
- Lead Projects.
- Train/Assess Analysts.
- Provide subject matter expertise in various areas of cyber security.
- Provide presentations/reports to audiences ranging from Team members to executive-level management, as well as internal/external third parties.
- BS/BA degree in Cyber Security/Computer Science or equivalent combination of related work experience desired.
- 10+ years of verifiable experience in the Security Operations space, Security Operations Center (SOC) experience a plus.
- Experience leading interdisciplinary Security Teams.
- Ability to work across different regions in a process/procedure driven organization.
- Ability to gather and interpret information through the use of computer network defense and forensics tools.
- Experience performing analysis with Security Information Event Management (SIEM) technologies such as Splunk, ArcSight and OSSIM.
- Experience performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks.
- Strong working knowledge of the TCP/IP stack, as well as L7 protocols (e.g. HTTPS, HTTP, SMTP, DNS).
- In-depth understanding and working knowledge of security appliances/tools such as host-based and network-based IDS/IPS, WAFs, Endpoint Detection and Response (EDR) tools, etc.
- Very strong understanding of networking protocols, operating systems and cyber security concepts and technologies.
- Experience with vulnerability assessments: scanning the environment, generating reports and engaging with system owners and stakeholders to make certain that any observed vulnerabilities or security concerns are addressed/remediated.
- CISSP, CISM, GCIA, GCIH, GCFE, GCFA, GREM, Splunk Power User or similar certifications.
- Experience performing security analysis and writing content for one or more SIEM technologies.
- Understanding of the current cyber threat landscape.
- Excellent communication skills, verbal and written.
- Experience and proficiency with writing guidelines, processes and procedural documentation.
- Ability to perform read-outs of analysis and research to various audiences.
- Self-starter and team player with the ability to coordinate and collaborate on multiple issues simultaneously with various stakeholders.
- Experience with troubleshooting complex issues in a very technical environment.
- Proficiency with case management and ticketing systems.
- Ability and willingness to mentor and train new/incoming Analysts.