SOC Use Case Development
- Collaborate with Use Case Developer to identify and assist in developing use cases for the Security Operations Centre.
- Collaborate with Use Case Developer and ISOPS stakeholders to validate and finalise the list of SOC Use Cases.
- Collaborate with Use Case Developer, ISOPS Security Architects, Security SMEs and Consultants to finalise and define requirements for the new SOC Use cases.
- Collaborate with Use Case Developer and Config & Management team to plan and develop a schedule for implementation and change required to the Security Information and Event Management (SIEM) platform and the supporting SOC processes to support use case implementation.
- Engage with Head of SOC, Use Case Developer to prioritise use case implementation schedule.
- Collaborate with Use Case Developer, Security SME to identify data quality and upstream device log configuration change requirements.
- Engage with Use Case Developer and Config & Management team to finalise the schedule and develop specific test case and regression testing for the SIEM platform to validate functionality on implementation of the use cases.
- Ensure new and changes to existing Use cases are implemented with appropriate change management authorisation and testing to validate the effects of new and changed use cases.
- Ensure the SIEM platform and SOC operations impact is minimised during implementation and change of new Use cases.
Config & Management
- Collaborate with Config & Management team to identify and document SIEM platform configuration and general administration tasks and activities.
- Collaborate with Config & Management team to ensure the configuration and management tasks can be performed through a defined interface and with appropriate access control.
- Ensure all Config & Management changes follow change management process with relevant authorisations and approvals.
- Ensure the SIEM Configuration and Management are performed and setup on par with industry good practices and vendor recommendations as applicable.
- Ensure Config & Management team are able to deliver new changes to use cases with existing mechanisms and technology interface.
- Ensure there’s adequate audit and change tracking enabled to verify and validate all configuration and administration task changes on the SIEM platform.
- Ensure the Use Case Developer, Config& Management team roles are fulfilled as per their job descriptions backed by skill and experience.
- Participate in recruitment and sourcing of staff for Use Case Developer and Config & Management team roles.
- Identify and develop case and budget for training course for the team.
- Assess and monitor the performance of the team to ensure they fulfil stated objectives.
- Ensure team members participate in industry association and vendor organised sessions to be regularly briefed on the advances within the SIEM technology space and security monitoring, next generation SOC etc.
- Bachelor degree in Computer Science, Engineering, or related field.
- An MSc Information Security would be desirable but is not essential
- Information Security and/or Information Technology industry certification (CISSP, CISM, or equivalent) preferred but not essential
- SIEM specific vendor technology qualifications
Overall work experience in the field
- Experience in Information Security field - 4 years
- Background as a L1/L2 SOC analyst preferred but not essential
- Proven experience in security engineering and SIEM tools e.g. HP Arcsight
Skills / abilities
- Cross cultural sensitivity, flexibility
- Organized with a proven ability to prioritize workload, meet deadlines, and utilize time effectively
- Good interpersonal and communication skills, works effectively as a team player
- Ability to function effectively in a matrix structure
- Good analytical skills
- Fluent in English
Would you like to wake up every day driven and inspired by our noble mission and to work together as one global team to empower people to live a better life? Here at AXA we strive to lead the transformation of our industry. We are looking for talented individuals who come from varied backgrounds, think differently and want to be part of this exciting transformation by challenging the status quo so we can push AXA - a leading global brand and one of the most innovative companies in our industry - onto even greater things.
In a fast-evolving world and with a presence in 64 countries, our 166,000 employees and exclusive distributors anticipate change to offer services and solutions tailored to the current and future needs of our 103 million customers.
To support our business strategy and digital transformation, AXA is building a new Group Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business.
Our vision for Information Security is to ‘protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees’.
At AXA, we lead a an HR policy that encourages diversity, maintains your professional and private life balance and accelerates the skills and career development : promotion of diversity, remuneration policy, training device, ... Discover everything that makes AXA an employer of choice.
Whatever your job is, we strive to offer you career opportunities. Our goal is to develop your skills to support the transformation of our changing business.