Job Role : Cyber Security L2 Support (English, Mandarin/Cantonese)
Salary : Open
Skills : Endpoint security solution, NIPS, Vulnerability Scanning, Cloud security posture management, DLP, Email Security Solution & Cantonese / Mandarin
Experience : 3-5 Years
Purpose :
This Cyber Security L2 Support Lead manages 24x7 Security Operations (Monitoring, Triage, Alerting & Incident Response), Phishing Incident Response, Security Solution Policy Management/Changes, Monitoring Service Request Approvals, Reporting, Documentation and SOPs, and Security Solution Health Checks.
Key Responsibilities :
- Whitelisting the Domain/Email address
- Blacklisting the Domain/Email address
- Message Trace Analysis
- Releasing the emails from Policy Quarantine
- Spam/Phishing Email Ticket analysis
- Ad hoc Requests from Customer on Whitelisting/Blacklisting sender address or domain
- Drop/Quarantine External emails to recipients
- Monitoring and acknowledging tickets from the ticketing tool
- Working on the issue, follow-up, and ticket closure
- Daily Health Check on Microsoft Services
- Monthly Report on the emails delivered/received
- Allowing spoofed domains to send emails to the recipient
- Monitoring alerts triggered from Microsoft Defender related to quarantine release, Restricted user, Phish alert, etc.
- Creating Policy/Content filter depending on the user requirement
- Seeking Microsoft support when required
- Work with email senders (third party) to resolve cases where legitimate emails are blocked due to DMARC policy
- Analyze Spoof Intelligence, Impersonation Insight to adjust EOP policies
- Weekly meeting with Customer on Email Security
- Share monthly reports to the stakeholders for visibility on user performance
- Create Custom EOP Policies
- Analyze and modify SPF/DKIM/DMARC records
- Prepare implementation plan. Review & implement accordingly
- Review of configurations, rules & policies periodically and provide recommendation
- Modify Inbound & Outbound routing configurations in Exchange as per the requirement
- Work with DNS teams to modify MX, SPF, DKIM, DMARC records.
Qualifications / Experience :
- 3 to 5 Years Experience
- Endpoint security solution, NIPS, Vulnerability Scanning, Cloud security posture management, DLP, Email Security Solution expertise
- Education Qualification in relevant discipline
- Tertiary qualifications are essential
- Excellent verbal and written communication skills; expertise in setting and managing user expectations
- Strong teamwork and interpersonal skills at all management levels
- Airline Domain Knowledge Preferable