Expoint - all jobs in one place

Finding a high-tech job at the best companies has never been easier

Fortinet Use Case Specialist SOC - Singapore
971767719

05.12.2024

The Use Case Specialist (SOC) is responsible for studying security data and logs, designing and implementing queries, rules and reports to detect security threats, and training SOC analysts to triage and respond. They work closely with a team of security analysts to identify, investigate, and respond to security threats within the Fortinet SOC.

As a Use Case Specialist, you will:

  • Have a strong understanding of threat detection technologies such as Next-Gen Firewalls, endpoint protection and EDR solutions. Experience with Fortinet products such as FortiGate, FortiClient and FortiEDR is a bonus.
  • Have a good understanding of common security log sources across different operating systems, common services and security devices. Experience with Fortinet product logs is a bonus.
  • Develop SOC monitoring use cases based on detection technologies, available data sources and applicable threat vectors across both IT and OT.
  • Implement and test SOC monitoring use cases using security tools and technologies such as SIEM and SOAR, from development through PoC, staging and production stages. Experience with Fortinet SecOps products such as FortiAnalyzer, FortiSIEM and FortiSOAR is a bonus.
  • Have experience with DB query languages such as SQL and scripting languages such as Python, Bash and PowerShell to retrieve, analyze and visualize security data in different SOC reports.
  • Have a good understanding of cybersecurity frameworks such as MITRE and its tactics and techniques, including the ICS domain, to organize SOC use case development work and gap analysis.
  • Collaborate with cross-functional teams, including SOC teams, to ensure SOC monitoring use cases are implemented and maintained well. Furthermore, provide guidance and expertise to operation teams on triage and response steps.
  • Keep up to date with industry trends and developments in cybersecurity and continuously improve the security operations center to meet changing security needs.

We are looking for an insightful and influential collaborator to join our team. We encourage you to apply for this position if you have the following qualities:

  • Minimum 5 years of experience in cybersecurity, incident response and security engineering.
  • Strong problem-solving, analytical and communication skills are also important for this role, as well as relevant certifications such as CISSP, CISM, or CEH.