Job Description: Lead incident analysis, investigation, and response within the SOC. Enhance defense capabilities and lead threat hunting and attack chain analysis.

Key Responsibilities:
• Develop incident notification, handling, and reporting mechanisms and processes.
• Lead incident response drills and coordinate with internal/external departments.
• Threat modeling and automation orchestration: dynamically adjust strategies and algorithms (e.g., anomaly detection, UEBA, malicious traffic classification).
• Maintain alert/event baselines and SOPs: analyze existing alerts, build baseline libraries, and update them continuously.
• Attack surface detection: identify shadow assets and exposed services, assess risks, and reduce the attack surface.
• Lead cybersecurity assessments: conduct vulnerability scans and penetration tests from a hacker’s perspective, and perform security stress tests and source code audits.

Required Qualifications:
• Education & Experience:
  • Bachelor’s degree or above in Computer Science, Information Security, or a related field.
  • 3+ years in SOC, CERT, CSIRT, or related roles.
  • Industry-recognized certifications such as CISP, CISSP, or equivalent.
• Technical Knowledge:
  • Deep understanding of offensive/defensive techniques, MITRE ATT&CK, malware behavior, and exploit methods.
  • Strong networking fundamentals; skilled in packet analysis.
  • Familiarity with Windows and Linux internals.
  • Experience with security device configuration and policy tuning.
• Tool Proficiency:
  • Extensive experience with SIEM platforms.
  • Experience with EDR tools.
  • Proficient in at least one scripting language for automation.
• Soft Skills:
  • Strong analytical and problem-solving skills; able to work under pressure.
  • Clear communication with technical and non-technical stakeholders.
  • High sense of responsibility and team spirit.
  • Willingness to work rotating shifts (including nights/weekends, 7x8).

Preferred Qualifications:
• Cloud security incident response experience.
• Digital forensics experience.
• Familiarity with TIPs and their practical application.
• Hands-on experience with HackTheBox or TryHackMe.
• Automation scripting capabilities.

Please apply with a detailed resume and expected salary to the Business Operation Manager, CSA Automated (Macau) Ltd., No. 180 Alameda Dr Carlos D’ Assumpcao, Tong Nam Ah Comercial Campo, 14 andar O-R, Macau, or email natalieng@asl.com.mo