Ensign is hiring!
Duties and Responsibilities:
- Own and manage the playbook & automation library
- Lead the continuous improvement program for the SOC Orchestration, Automation & Response topic
- Engage clients & other CSOC stakeholders regularly to gather new automation requirements and feedback on existing automations
- Design, develop, test and deploy SOAR playbooks and automations based on client & CSOC requirements
- Research industry innovations, trends and best practices, and suggest/implement SOC automation ideas
- Develop SIEM and SOAR integrations with 3rd-party services/tools used by the CSOC and clients
- Manage and troubleshoot SOAR platforms and underlying infrastructure
Requirements:
- Experience with Python and its libraries related to web programming
- Experience with at least one object-oriented programming language
- Experience in working with git and code repositories such as GitLab, GitHub and AWS CodeCommit
- Working experience in CI/CD technologies and processes
- Understanding of the MITRE ATT&CK framework
- In-depth understanding of cloud computing technologies and hands-on experience with at least one of the cloud platforms such as AWS, Azure and GCP
- Ability to communicate with multiple stakeholders with clarity
- Basic understanding of the functionality of SaaS platforms, firewalls, IPS, EDR, proxy, SIEM and Windows OS
- In-depth understanding of Linux OS and related troubleshooting
- Curious mindset, drive to acquire new knowledge/skills/insights and apply them to solve problems
- Bachelor's degree in Computer Engineering, Computer Science, Cyber Security, Information Security or other equivalents
Preferred Skills/Qualities:
- Regularly keeps up with infosec affairs and SOC automation trends, and selects/implements ideas that increase the value of our managed security services
- Able to install and use own mini test lab from scratch
- Clarity of communication, ability to listen to stakeholders and translate conversations into technical requirements
- Approach to BAU activities led by a continuous-improvement mindset
- Ability to work successfully in a thought-diverse environment
What We Do
Ensign InfoSecurity is the largest pure-play end-to-end cybersecurity service provider in Asia. Headquartered in Singapore, Ensign offers bespoke solutions and services to address its clients’ cybersecurity needs. Its core competencies are in the provision of cybersecurity advisory and assurance services, architecture design and systems integration services, and managed security services for advanced threat detection, threat hunting, and incident response. Underpinning these competencies is in-house research and development in cybersecurity. Ensign has a proven track record of two decades as a trusted and relevant service provider, serving clients from the public and private sectors in the Asia Pacific region.