CSOC Architect
To apply, please send an e-mail stating the position you are interested in, with your resume attached, to hr.recruiting@ktbcs.co.th
Responsibilities
- SIEM & SOAR expertise – Multi-Site Implementation
- CSOC Solution Sizing
- Services – CSOC Consulting
- Develop Methodology and SOW for CSOC Maturity Assessment, CSOC Roadmap & Strategy, CSOC Governance
- Develop and present CSOC architecture to the end client.
- Lead the CSOC project deployment delivery.
- Conduct analysis using both quantitative and qualitative sources.
- Contribute to and refine technical RFP/RFI responses.
- Conduct & manage technical validation events.
- Participate in conferences, shows and exhibitions when appropriate and requested.
- Experience with networking, network protocols & security infrastructures.
- Develop, maintain and brief network maps and link diagrams.
- Expert-level experience in operations of a Cyber Security Operations Center (SIEM / SOAR) is a must
Qualifications
- Bachelor's or Master's degree in Computer Science, Cyber Security, Information Systems or Business Administration
- At least 15 years of professional experience in a Technical Leadership role, including 8+ years of direct experience in Cyber Security Operations Center – Implementation & Operations
- A minimum of one of the following security related certifications: CISSP, OSCP, OSEE, CEH, NIST, GSEC or CompTIA Security+ required
- Excellent written, verbal communication skills, ability to effectively coordinate multiple priorities in a dynamic environment, strong analytical and negotiating skills & excellent organization and interpersonal skills
- Knowledgeable in Windows Domain, network and multi-tier application architectures
- Familiar with tools such as Nessus, Burp Suite, Linux, vulnerability management tools
- IPv4/6 and associated security measures
- Security software countermeasures
- Ability to work both independently and as part of a geographically dispersed integrated team
- Ability to balance multiple priorities in a fast-paced, highly collaborative, frequently changing, and sometimes ambiguous environment
- Expert level knowledge of how to use network management tools and packet captures to resolve operational issues
- Familiarity with industry standard network management tools and common application traffic flow patterns in multi-tiered applications
- A solid understanding of what comprises a scalable, robust, supportable design for CSOC
- Expert knowledge in the following technologies:
  - Microsoft Active Directory Services
  - TCP/IP Based Networking Principles
  - Microsoft / Linux Operating Systems
  - Firewalls and Perimeter Security
  - Proxies and Load Balancers
  - Intrusion Detection and Prevention Systems (IDS/IPS)
- Strong application and infrastructure knowledge; e.g. Tomcat, PostgreSQL, SAML, IMAP, LDAP, Active Directory, SSO.
- Development environment knowledge in Linux, bash shell programming, Git, Gradle, virtual machines and Docker.
- Working knowledge of Networking concepts (firewalls, DNS, IP addressing, SSL/TLS and certificates).
- In-depth experience in deploying SIEM, Security Analytics, SOAR, Threat Hunting solutions.