- Analyst – Security Incident Response
- Position
- Analyst – Security Incident Response
- Department
- Cyber Security Office
- Working Location
- Macau Peninsula
- Post Date
- 22/02/2023
- Requirements
• Degree in Computer Science, Electrical / Electronic Engineering, Information Technology or a related field, or Cyber Security related experience, as a minimum
• CISP / CISSP / CISM / CISA / SSCP / CSX / ECIH / EHFI / GCIH (or other industry-recognized security certification) preferred
• Minimum of 2 years of relevant experience in Information Technology
• Experience with security event log analysis
• Knowledge of and experience with standard network logging formats, network management systems, network security monitoring systems, security information and event management (SIEM), and network packet analysis tools
• Hospitality or gaming industry experience is preferred
• Proficient in spoken and written English and Chinese
• Good presentation skills and the ability to explain technology strategy to non-IT users
- Responsibilities
• Follow and maintain the company Cybersecurity Incident Response Plan (CIRP)
• Assist in developing and revising SOPs and playbooks / cheat sheets for Cybersecurity Incident Handling
• Determine the initial severity of a cybersecurity incident according to the CIRP
• Coordinate with the Security Operations Team and related IT Teams on remediation in the event of a security incident
• Handle cybersecurity incidents across all company properties and Satellite Casinos together with the CSO Security Operations Team and other IT Teams, following the CIRP
• Maintain internal communications and supervise operations during and after incidents
• Prepare all incident related documents and reports
• Assist the company Cybersecurity Representative in responding to CARIC with cybersecurity incident status updates when a cybersecurity incident occurs on a company information system that is within the scope of MCSL
• Monitor intelligence sources to maintain situational awareness of cyber threat landscape
• Maintain knowledge of the cyber threat landscape
• Identify and pinpoint Indicators of Compromise (IOC) targeting the company or the casino and resort industry
• Collect, analyze and assess malicious code behavior to defend against malware threats or other threat indicators
• Maintain the rules on the Data Loss Prevention (DLP) system according to business needs to avoid sensitive data leakage
• Review and respond to DLP alerts
• Maintain the DLP Exemption Process
• Conduct examinations of digital evidence and prepare evidence for investigation, when necessary
• Work with investigators to acquire digital evidence if a third party is involved
• Use a range of forensic tools and software to extract and analyze data