Alibaba is looking for a Security Operations Center (SOC) to help us improve and expand our rapidly growing products.
Responsibilities
- Security Monitoring and Incident Response:
  - Proactively monitor security alerts, logs, and events to detect potential security incidents.
  - Lead incident response efforts, investigating and mitigating security breaches or unauthorized access.
  - Conduct post-incident analysis to identify root causes and implement preventive measures.
- Security Infrastructure Management:
  - Manage and maintain security tools and technologies such as SIEM, IDS/IPS, and firewalls.
  - Ensure proper configuration, tuning, and updating of security systems to maximize effectiveness.
- Threat Intelligence and Analysis:
  - Stay up-to-date with the latest cybersecurity threats and vulnerabilities.
  - Analyze threat intelligence data to identify emerging risks and their potential impact on the organization.
- Security Policies and Procedures:
  - Develop, update, and enforce security policies, standards, and procedures.
  - Collaborate with the compliance team to ensure adherence to relevant regulations and standards.
- Incident Reporting and Documentation:
  - Document all security incidents, detailing each incident's nature, impact, and the response actions taken.
  - Produce regular reports on security operations and performance for management.
- Security Projects and Improvements:
  - Drive initiatives to improve security operations and enhance the overall security posture.
  - Evaluate and recommend new security technologies and tools to strengthen defenses.
Requirements
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field. Relevant certifications such as CISSP, CISM, or GIAC certifications are desirable.
- Proven experience (typically 5+ years) in SOC operations, incident response, and threat analysis.
- Extensive knowledge of security principles, practices, protocols, and technologies.
- Hands-on experience with security monitoring tools, SIEM platforms (Splunk), IDS/IPS, firewalls, and endpoint security solutions.
- Strong understanding of networking protocols and systems administration in a heterogeneous environment.
- Familiarity with regulatory frameworks and compliance standards (CIS, GDPR, HIPAA, NIST).
- Excellent analytical and problem-solving skills, with the ability to make sound decisions under pressure.
- Effective communication skills, both written and verbal, and the ability to convey complex technical concepts to non-technical stakeholders.
- Leadership skills and the ability to mentor and guide junior team members.
- Continuous learning mindset, staying updated with the latest cybersecurity trends and best practices.