We have an exciting opportunity for a SOC Strategist Manager to join us in Hong Kong.

Job Purpose

This role is part of the Group IT Function and has a main responsibility for supporting Group IT Security in SIEM Use Cases Development and other detection tools of Cyber Security Operations.

This role will be accountable for managing the creation, testing, and implementing Splunk Correlation searches on operational use case descriptions. Working with the team to organize workshop sessions to identify/update business drivers, formulate a plan and strategist to develop a warranted and solid use cases.

This role is expected to work with different stakeholders, business units and subject matter experts to understand the requirements and required security use cases, able to identify the data sources to be onboarded and lead on the creation of the use case logic and use case type to use.

This role will report to the respective Global Senior Cyber Security Operations Manager – Detection and Response Team and be under the strategic direction of Head of Security with the assistance of Top-level management.

Key Responsibilities

Use Case Development

• Manage Use case developers/designers
• Provide quality assurance and control
• Assist on building use case logic and playbook 
• Assist on the onboarding of required data sources for the target use case
• Maintain Use Case Library

Strategic Planning

• Assist on building a security monitoring strategy
• Collaborate with stakeholders and internal team to identify and evaluate new use cases
• Provide consolidated user's requirements to security management team through clear documentation and presentations.
• Create and Update Use Case methodology

Security Projects & Deployments

• Supports in the implementation of the SOC, its security tooling and the resourcing.
• Supports other projects at the discretion of the Senior Manager Cyber Security Operations.

Person Specification

• Degree holder in Computer Science or related disciplines, or appropriate extensive experience.
• Certified Splunk Enterprise Security Administrator or Splunk Administrator is highly preferred.
• At least 5 years experiences in Information Security
• Experience in utilising Splunk within a SOC environment.
• Experienced with Endpoint Protection, Application Security, Vulnerability Management is a big plus.
• Have a good knowledge of the business, analytics, and data visualization.
• Strong problem-solving skills and fast learner.
• Liaison skill & teamwork, passion & commitment mentality
• Good interpersonal and communication skills.
• Fluent in spoken and written English

Technical Requirements

• Broad knowledge of and understanding of the security field and its core components
• Experience in security analyst Operations, specifically triage, investigation, and containment.
• Broad knowledge and understanding of Network data and a general understanding of network forensics.
• Broad knowledge and understanding of Computer operating systems and general understanding of OS forensics
• A basic understanding of directory and identity management services.
• A basic understanding of cloud computing and infrastructure.
• A basic understanding of server and service operations.
• A general understanding of Attacker tools such as Remote exploit kits, Remote Access Tools etc.
• A high level of understanding of Attack taxonomy such as MITRE ATT&CK, Lockhead Martin Kill chain, Diamond model etc.
• A basic experience with scripting/programming is required

Let's talk about what's in it for you!

Passionate people are Capgemini's Ace of Spades - join us to discover a career that will challenge, support and inspire you. Working at Capgemini you'll find the rewards are more than just financial. You will work alongside some very smart and inspiring people on exciting projects and you will also enjoy incredible benefits. We offer flexible work practices and 40 hours of self-development every year with a huge selection of learning opportunities to choose from.

As "Architects of Positive Futures", Capgemini actively supports the community in 3 ways:

Diversity and Inclusion - we believe diversity of thought fuels excellence and innovation, which is why we positively encourage applications from suitably qualified candidates regardless of their gender identity, ethnicity, sexual orientation, religion, ability, intersex status or age. To support our commitment to diversity and inclusion, we celebrate special events and days of significance that are important to our employees such as Diwali, Bastille Day, Pride, IDAHOBIT, IWD and International day of people with Disabilities. Our Employee Resource Groups [email protected] and OutFront support the grassroots passion of employees to drive our diversity agenda and effect change.

Digital inclusion - at Capgemini we are using our skills to drive social impact initiatives focusing on helping society address the impact of the digital and automation revolution. We also provide employees with opportunities to give back to the community through charity projects and volunteer days.

Environmental Sustainability - Capgemini joined the CDP's (Carbon Disclosure Project) prestigious "A list" for its commitment to the Net-Zero economy. We are focusing on helping our clients transform towards more sustainable business models and committing to reduce our own carbon emissions (GHG) by 20% per employee by 2020.

Recognised by Ethisphere as one of the World's Most Ethical Companies for the last 8 years in a row, ethics and values are at the heart of Capgemini's corporate culture and business. Embedded in our DNA, our seven values - Honesty, Boldness, Trust, Team Spirit, Freedom, Fun and Modesty - have remained the same since company inception in 1967. To see how we bring these values to life, click here to listen to some of our employee’s stories.

Come join us, bring your whole self to work, create new possibilities for you, your customers and your community and help us to be Architects of Positive Futures.

Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of 300,000 team members in nearly 50 countries. With its strong 50 year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2020 global revenues of EUR 16 billion.