Security Operations Center Analyst

Position Purpose

APAC Production Security teams (based in Singapore and India) is covering multiple IT Security challenging tasks for BNP Paribas Asia Pacific region, such as:

- Production CSIRT / Logging & Detection

- Network Security

- Vulnerability & Compliance Security scanning

- Privileged Identity Management

- Designing & Implementation of Security solutions

- Production Support of Security solutions

The team in India is currently looking for an IT Security Professional, in order to reinforce its CSIRT Governance/Execution and Threat Hunting capability. The new joiner will improve the bank capabilities :

- To strengthen the governance and improve the CSIRT efficiency

- To participate as a Blue Teamer to security incident response and handle purple team exercises

- To detect APT (tool deployment, model update)

- To reinforce the skills of the team on L2/L3 topics

In particular, the new joiner will work closely with APAC CSIRT and Threat Intelligence teams.

Finally, the new joiner will fully be part of the Production CSIRT / Logging & Detection team and will have the opportunity to expand the scope of activities within the team.

Responsibilities

Direct Responsibilities

• Analyze the security alerts triggered on SIEM platform
• Finetune security alerts and provide suggestions
• Participate in the Incident Response and the development of new use cases in partnership with Logging and Detection Team
• Respond to Security Incident and provide accurate and efficient response
• Actively work on Threat Hunting methodologies, tools deployment and activities within and across BNP Paribas APAC, in close collaboration with Production and APAC CSIRT/CTI teams
• Be a full time member of the Production CSIRT / Logging & Detection team and participate to the various activities of the team

Contributing Responsibilities

• Contribute to the Permanent Control framework for implementation of policies and procedures in daytoday business activities, such as Control Plan.
• Comply with regulatory requirements and internal guidelines.
• Contribute to the reporting of all incidents according to the Incident Management System
• Enhancement and definition of the Incident Response framework within the Bank
• Responsible for 24/7 SOC operations

Technical & Behavioral Competencies

At least 2-5 years of experience as SOC Analyst

Strong understanding of cyber threat analysis models such as kill chain, diamond model, etc and how they apply to both targeted and non-targeted threats

Experience on Operating Systems (Windows, UNIX)

Strong understanding of common security products and technologies utilized in Enterprise environments (proxies, WAF, Firewalls, IDS/IPS, Anti-Malware, Endpoint, etc.)

Understanding of the OSI stack and the various protocols from layer 1 to 7 including SNMP, HTTP, VPN, DNS, etc.

Independent, self-motivated and innovative with good problem solving, interpersonal and communication skills, and can foster teamwork

Experience in common scripting languages such as Python, PowerShell or BASH