
Web3 Security Operations Engineer

Moledao

80 - 180K USD
Full-time
Remote

Remote Job.

Base location options: Singapore / Malaysia / United Arab Emirates (UAE)


Job Responsibilities

  • Monitor security events and alerts generated by Security Information and Event Management (SIEM) tools across on-premises and cloud environments.
  • Maintain and upgrade SIEM rules to reduce false positives and improve the detection accuracy of emerging threats.
  • Execute incident response procedures: contain threats, eradicate malicious activities, recover systems, and prepare post-incident reports (covering both on-premises office environments and cloud environments).
  • Collaborate with cross-functional teams (IT, Network, Application Security teams, etc.) to resolve security incidents and implement preventive measures; maintain and update security incident response plans, and conduct drills to test response readiness.
  • Evaluate or optimize cloud environment security policies, such as security groups, firewalls, IDS/IPS, IP whitelists, and AKSK (Access Key/Secret Key) policies.
  • Continuously monitor the latest threat intelligence, attack techniques, and security trends to enhance monitoring and interception capabilities.


Requirements:

  • At least 5 years of work experience in the security industry, with relevant experience.
  • In-depth understanding of the fundamentals of network security, operating systems (Windows/Linux/macOS), and cloud security (AWS/GCP).
  • Experience with incident response methodologies (e.g., NIST SP 800-61, MITRE ATT&CK framework).
  • Familiarity with threat intelligence sources and related tools, with the ability to identify emerging threats and Tactics, Techniques, and Procedures (TTPs).
  • Proficiency in various security tools: firewalls, Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS), Endpoint Detection and Response (EDR) tools, and vulnerability scanners.
  • Excellent communication skills and teamwork spirit, with the ability to work under pressure during security breach incidents.


Preferred Qualifications:

  • Experience in security tool policy development or business R&D.
  • Experience or ability in analyzing 0day/1day vulnerabilities, threat intelligence, and APT (Advanced Persistent Threat) intelligence.