Job Description:
Lead the Security Operations Center (SOC) team to deliver 24/7 security monitoring, incident analysis, investigation, and response. Enhance overall defense capabilities and guide threat hunting and attack chain analysis.

Key Responsibilities:
• Oversee security operations: technical/project management, monthly reports, threat landscape analysis, and resolution of complex on-site issues.
• Lead security reviews of business systems and network architecture: provide recommendations for architecture optimization and technology selection.
• Threat hunting: proactively identify signs of malicious activity rather than passively waiting for alerts.
• Documentation and reporting: record incident handling processes, write reports, conduct post-incident reviews, and suggest improvements.
• Emergency response coordination: act as a key technical contact during major incidents, coordinating internal and external resources.
• Knowledge sharing: disseminate threat intelligence, attack techniques, and best practices within the team.
• Lead cybersecurity assessments: guide penetration testing and vulnerability scanning, and interpret reports as a subject matter expert.

Required Qualifications:
Education & Experience:
• Bachelor's degree or above in Computer Science, Information Security, or a related field.
• 4+ years in SOC, CERT, CSIRT, or related roles (incident response, VAPT, red/blue teaming, security operations).
• Industry-recognized certifications such as CISP, CISSP, or equivalent.

Technical Knowledge:
• Deep understanding of offensive/defensive techniques, MITRE ATT&CK, malware behavior, and exploit methods.
• Strong networking fundamentals (TCP/IP, DNS, HTTP/S); skilled in packet analysis (e.g., Wireshark).
• Familiarity with Windows and Linux internals.
• Knowledge of ISO 27001 and China's MLPS 2.0, and hands-on experience in security architecture design.

Tool Proficiency:
• Extensive experience with SIEM platforms (Splunk, Elastic SIEM, QRadar, etc.).
• Experience with EDR tools (CrowdStrike, Huawei Cloud HSS, etc.).
• Proficient in at least one scripting language (Python, PowerShell, Bash) for automation.

Soft Skills:
• Strong analytical and problem-solving skills; able to work under pressure.
• Clear communication with technical and non-technical stakeholders.
• High sense of responsibility and team spirit.
• Willingness to work rotating shifts (including nights/weekends, 7x8).

Preferred Qualifications:
• Experience in cloud security incident response (Huawei Cloud, AWS, Azure, GCP).
• Digital forensics experience.
• Familiarity with Threat Intelligence Platforms (TIP) and their practical application.
• Hands-on experience on platforms such as HackTheBox and TryHackMe.
• Automation scripting capabilities to improve team efficiency.

Please apply with a detailed resume and expected salary to the Business Operation Manager, CSA Automated (Macau) Ltd., No. 180 Alameda Dr Carlos D' Assumpcao, Tong Nam Ah Comercial Campo, 14 andar O-R, Macau, or email natalieng@asl.com.mo