Cyber Security Operations Consultant L2

Hong Kong, Hong Kong SAR

Company: Capgemini
Size: 10001+ employees
Job specification: Key Responsibilities

Daily Operations

Triage, investigate and manage ongoing cyber security incidents.
Day-to-day management of the NDR, EDR and SOAR platforms.
Support the creation of operational documents (such as use cases, play/run books and training materials) on incident response, and ensure these are regularly updated.
Support in the creation of various metrics, reporting, review of incident progress and
Support Regional Security Operations to ensure the security posture of business units is properly measured, monitored and managed.

SOC Incident response

Support the SOC Manager on incident management and remediation.
Manage incidents.
Report on incidents.
Assist in developing new ideas on how to improve security operations; create procedures, handling guidelines and playbooks.
Where appropriate, work with the global SOC to respond to and resolve events generated by the SIEM.

Forensics and Malware

Conduct forensic investigations to facilitate root cause analysis of malicious insider activity and data breaches.
Investigate malicious files and packages to establish root cause, and provide those findings to the relevant stakeholders to further secure our environment.

Security Projects & Deployments

Support the implementation of the SOC, its security tooling and its resourcing.
Support other projects at the discretion of the Senior Manager Cyber Security Operations.


Degree holder in Computer Science or related disciplines, or appropriate extensive experience.
GIAC cyber security certification or CISSP qualification is a big plus.
At least 3-5 years' experience in Information Security.
Proficient in utilising Splunk within a SOC and incident response environment.
Experienced with Endpoint/Network Detection and Response, preferably CrowdStrike and Vectra.
A sound understanding and working experience of Security Orchestration and Response tooling, preferably Cortex XSOAR.
Hands-on cyber security incident management within a SOC environment.
Strong problem-solving skills and a fast learner.
Solid experience with Information Security Management Systems and IT Service
Liaison skills and teamwork; a passion-and-commitment mentality.
Good interpersonal and communication skills.
Fluent in spoken and written English.

Technical Requirements

A sound understanding and knowledge of using Splunk in a SOC environment.
Broad knowledge of cyber security concepts including antivirus and malware protection, vulnerabilities, and web and application security.
Solid experience supporting enterprise security tools such as enterprise anti-virus, vulnerability management, EDR, SIEM, SOAR and other supporting tools.
Well experienced in security incident handling.
Experience with various ticketing tools.
Seniority Level

Information Technology & Services

Employment Type

Job Functions: Information Technology Consulting