Job details

Cyber Incident Response Specialist L3

Get a free resume review

Company:

Sopra Steria is a listed European tech leader specializes in Consulting, Digital Service, and Software. We have 60,000 employees worldwide located in different regions (Europe, North America and Asia), whereby Singapore is the HQ for APAC. EvaGroup Asia Pacific is part of Sopra Steria I2S APAC, in charge of Infrastructure, Cloud and Cybersecurity services.

For this position, we are looking for a Cyber Team Lead to assist one of our client – a leading global investment bank.

Background:

APAC Production Security teams are responsible for multiple IT Security activities for in the Asia Pacific region, such as:

1. IT Production Security Governance, PMO & Risks

2. Network Security and Security Design & Architecture

3. Vulnerability & Compliance Management

4. IAM Production

5. Production CSIRT, Detection & SIEM Engineering

6. Production support of the Security platforms

Team is looking for Cybersecurity expert/SME in Detection Engineering & Security Investigation areas, part of Production SOC & Security Investigation & Incident Response team.

Responsibilities:

Lead technical activities (security use case definition, design, implementation & enrichment) in the team of IT Production Security Investigation & Incident Response based on real-world attack scenarios and framework like MITRE ATT&CK, ensuring robust security detection posture across various layers.
Understand ongoing security threats in the wild and propose security use case to detect and when possible, protect or mitigate.
Lead technical activities (definition, R&D/threat hunting) in the team of IT Production Security Investigation & Incident Response and oversee the detection capabilities of the 24/7 regional IT Production SOC
Respond to Cyber / IT security incidents and evaluates the type and severity of security events.
Identify recurring security issues and risks and develops mitigation plans and recommends process improvements.
Partner with global, regional and local stakeholders to ensure organizational and procedural efficiency and readiness for detection of suspicious events and reaction
Continuously improve the processes to strengthen the current SOC framework via review of policies and operational playbooks

Contributing Responsibilities:

Partner with the APAC Business CSIRT for integrated security monitoring and alert/incident handling operations.
Contribute to local security incident response outside the direct scope of responsibilities (i.e.,- local IT production in some APAC business entities)
Contribute to the compliance with regulatory requirements and internal policies
Contribute to the reporting of all incidents according to the Incident Management System
Contribute to the control frameworks in day‐to‐day business activities, such as Control Plan;
Participate to Audit interview and provide the require evidence

Candidate MUST have 7 or more years of experience on overall cybersecurity incident response with 4+ years specifically on security use case design, development, coding
Experience in security use case design/development with understanding of Java language
Good working knowledge of Linux (RedHat/Ubuntu)

Working knowledge to interpret security logs or instructions into threat models. SecOPS-DevOPS mindset & skills.
Experience and knowledge in investigating incidents, remediation, tracking and follow-up for incident closure with concerned teams, stakeholders.
Thorough understanding of technologies and security concepts, with knowledge & hands on experience in SIEM Product and Security Incident Management
Experience of performing security monitoring and incident response activities in an advanced Security Operation Centers (SOC) environment (log analysis, event analysis, incident investigation, reporting)
Comfortable working with and making the most of large data sets (collection, analysis, response), creating content/use cases/models and bringing an automation mindset
Experience in SIEM on ELK(Elastic Logstash Kibana) stack is a plus
Professional credentials in one of the relevant IT Security disciplines is a plus (SANS / CISSP / OSCP)
Experience in common scripting languages such as Python, PowerShell, Bash, SQL is a plus

Personal Attributes Requirements:

Strong problem-solving skills
Good communication skills (English is MUST, French is added advantage)
Positive attitude, willing to upskill and carry out in-depth troubleshooting
Has the ability to work autonomously and think on feet, be-proactive.
Good interpersonal skills and team player
High energy level coupled with a desire to take on responsibility
Able to multi-task & deliver within agreed deadlines

Regular team buildings
18 leave days / year
Insurance: GP, Hospitalisation, Dental and Optical Insurance
Annual bonus
Working hours: from 9am to 6pm, Monday to Friday
Training and certifications paths

Average salary estimate

$110000 / YEARLY (est.)

min

max

$100000K

$120000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Cyber Incident Response Specialist L3, Sopra Steria I2S

Join Sopra Steria as a Cyber Incident Response Specialist L3 and take your cybersecurity career to the next level! In this dynamic role, you will lead a capable team dedicated to protecting a prestigious global investment bank. Your expertise will help shape our strategies in areas like detection engineering, incident response, and vulnerability management. As part of the APAC Production Security teams, you'll craft security use cases grounded in real-world attack scenarios, using frameworks like MITRE ATT&CK to bolster our defenses. Your keen understanding of ongoing threats will allow you to propose proactive solutions, ensuring our detection frameworks are strong and adaptive. Your role will involve direct interaction with global and local stakeholders, providing you with a platform to implement necessary process improvements that drive our operational efficiency forward. With over 7 years of cybersecurity experience and strong technical skills – particularly in security use case design and development with languages like Java and Python – you're prepared to thrive in a fast-paced environment. Sopra Steria provides an engaging atmosphere, complete with opportunities for continuous learning, generous leave days, and excellent insurance and bonus schemes. If you are a collaborative team player ready to tackle complex security challenges and be part of a supportive and innovative environment, we’re excited to hear from you!

Frequently Asked Questions (FAQs) for Cyber Incident Response Specialist L3 Role at Sopra Steria I2S

What are the responsibilities of a Cyber Incident Response Specialist L3 at Sopra Steria?

As a Cyber Incident Response Specialist L3 at Sopra Steria, you'll lead a team in technical activities related to IT production security investigation and incident response. This includes defining and enriching security use cases, responding to cyber incidents, evaluating their severity, and collaborating with stakeholders for organizational efficiency.