Security Management Specialist (Cyber Security)
About the Role
The Security Operations Center team is looking for a Security Management Specialist. The team is responsible for the prevention of Cyber Security Incidents by monitoring, detection, analysis of potential intrusions and containment in real time in the SWIFT infrastructures and networks.
The team provides 24/7 security monitoring (no night shifts) on all security alerts related to the SWIFT Production and Enterprise Environments. Using security tools we are able to correlate logs and detect suspicious / malicious behavior in both environments. Our incident response capabilities are associated with the identification, containment and eradication of threats from the environments.
In return, you will be part of a dynamic and multinational company that promotes talent, growth and career opportunities. SWIFT has a friendly and professional work environment with benefits such as premium health insurance.
SWIFT will be offering extensive cyber security training so that any team member can reach expert level.
To maintain and track systems and procedures ensuring security compliance/control of systems, networks, physical infrastructure, people and information. To implement and communicate security policies/controls/ procedures so that they are effective and appropriate for SWIFT and its customers, and that they are consistent with the company objectives, company reputation and regulatory requirements. May undertake smaller projects within the area of security. What to expect:
What will make you successful:
- Participate in security monitoring, detecting and analysis of events related to security, ensuring appropriate cyber defense
- Perform log analysis on various security/network devices, e.g. Firewall, IPS/IDS, WAF, Proxy, NBAD, Email gateway, Anti-virus, Router/Switch etc.
- Handle and investigate spam and malicious email reported by internal users
- Perform analysis on threat indicators and intelligent insight on daily basis
- Identify the impact of latest vulnerability for various devices
- Strengthen threat intelligence capabilities to integrate to existing detection tools
- Analyze latest security news and social media post
- Participate in incident handling - identification, containment, eradication and recovery for security alert generated by SIEM
- Prepare incident report for critical incident to management
- Perform Network/Server/Endpoint forensic investigation
- Create and maintain playbooks for security incidents
- Bachelor degree in IT, Computer Science or related
- Around 3-5 years relevant experience. Open to candidates with different seniority. Fresh grads welcome as junior specialist
- Security certification such as GCIH, GCIA, CISSP will be considered an asset
- Strong affinity with security and / or networking
- Work experience with SIEM in 24x7 Security Operations Center (SOC) would be a preference
- Understanding of the concept of SIEM use cases/correlation rules will be an advantage
- Experience on Vulnerability Assessment and Penetration Testing (VAPT) will be an advantage
- Encouraged to hold on of the following certifications or equivalent e.g. CEH, GCIH and CNFA etc.
- Knowledge of intrusion detection and vulnerability assessment capabilities is an asset
- Good understanding on security incident triage is an advantage
- Fluent English both written and spoken
- Eager to learn, pro-active, enthusiastic, analytical, communicative, take initiative and team player
- Extra allowances & compensation will be provided for early hours and weekend/public holiday roster (NO night shift).
You may like to know the team better by knowing the people in the team. Review LinkedIn profile of the people on the list below :
Ferdinand Ng , Reporting Manager
Wayne Chan , Senior Security Specialist
Polly Ip - Recruiter What we offer
We put you in control of career
We give you a competitive package
We help you perform at your best
We help you make a difference
We give you the freedom to be yourself We give you the freedom to be yourself. We are creating an environment of unique individuals - like you - with different perspectives on the financial industry and the world. An environment in which everyone's voice counts and where you can reach your full potential regardless of age, background, culture, colour, disability, gender, nationality, race, religion , or veteran/military status.