Associate Cyber Security Consultant (Advanced Analytics)
Ensign InfoSecurity - Empowering you with the region’s largest pure-play cybersecurity expertise & innovation. Your partner in confronting the challenges of the digital world.
Job Description: We are seeking a talented Cyber Security Consultant to join our dynamic and growing team. As a Cyber Security Consultant for Advanced Analytics, you will play a crucial role in designing, implementing, and maintaining our SOC (Security Operations Centre) technologies and infrastructure. The ideal candidate should have experience deploying and managing SOC technologies, including SIEM (Security Information and Event Management), SOAR (Security Orchestration, Automation, and Response), TIP (Threat Intelligence Platform), User and Entity Behavior Analytics (UEBA), Data Streaming, Breach and Attack Simulation (BAS) platforms, etc. You’ll work closely with cross-functional teams to integrate these technologies into our clients’ environments, ensuring that their security needs are met with the highest standards.
Key Responsibilities:
Design, Implement, and Optimize SOC Technologies:
- Gather requirements and propose solutions to complex requirements within clients’ on-premise, hybrid or multi-cloud environments.
- Implement different technologies across SIEM, SOAR, TIP, UEBA, Data Streaming, and BAS solutions.
- Customize and ensure seamless integration to meet specific security requirements within our clients’ environments.
- Practice DevSecOps skillsets to deploy and manage proposed solutions at scale.
- Participate in the design and integration of Ensign AI/ML and Threat Intelligence technologies.
Threat Detection and Response:
- Develop content for threat monitoring and detection.
- Develop automated response workflows for security incident management.
- Fine-tune detection content, machine learning models, and workflows.
- Participate in the design and implementation of Detection-as-Code and Automated Security Response frameworks.
Documentation and Knowledge Sharing:
- Produce and maintain documentation related to SOC technologies and processes.
- Share best practices and insights with internal teams and clients.
- Offer guidance to clients on optimizing their SOC solutions.
Technical Support and Guidance:
- Participate in and support pre-sales engagements as a Subject Matter Expert for proof-of-value (POV) engagements with different SOC technologies.
- Provide technical support for vulnerability management and platform issues in clients’ environments.
Qualifications:
- Bachelor’s degree in Computer Science, Information Technology, or a related field.
- At least 2 – 3 years of experience deploying and managing SOC technologies.
- Working experience with technologies such as Splunk, Elastic, Sentinel, XSOAR, Exabeam, Anomali, Cribl, Confluent, Mandiant MSV, Cymulate, AttackIQ or equivalent technologies is preferable.
- Working experience with DevSecOps practices and tools (CI/CD, GitLab, Ansible, Chef, etc.) or cloud (AWS, Azure, GCP) environments is preferable.
- Strong understanding of cybersecurity principles and best practices.
- Working experience in cybersecurity professional services will be considered.
- Excellent problem-solving skills and attention to detail.
- Ability to thrive in a fast-paced, collaborative environment.
- Security certifications related to SOC technologies are a plus.