Cybersecurity Analyst (SIEM)

OneDegree Group

Job Description

Summary

Cybersecurity is a global function in OneDegree Group. Our mission is to improve the cybersecurity maturity of OneDegree based on the OneDegree cybersecurity framework. The team assisted OneDegree Hong Kong in preparing for its cybersecurity audit by the Hong Kong Insurance Authority, and OneDegree Hong Kong was granted a virtual insurer license in April 2020. The team further assisted OneDegree Global (SG) in becoming ISO 27001 and ISO 27017 certified in May 2021.

 

Responsibilities

  • Manage the OneDegree SIEM solution, which includes collecting event data from various sources, designing and visualizing security metrics, alerts, and dashboards, threat hunting, and incident investigation.
  • Collaborate with the Cymetrics cybersecurity red team to research novel security attacks from the detection angle. PoC your findings on the SIEM solution to improve security visibility.
  • Work with the SRE team to implement and continuously improve system reliability, availability, scalability, latency/performance, and efficiency through monitoring, alerting, and automation on cloud platforms such as Azure, AWS, and GCP.

Requirements

  • Bachelor’s degree or higher in computer science or software engineering required.
  • At least 2 years of relevant work experience required, with strong knowledge of security log analysis and familiarity with Splunk and ArcSight.
  • Ability to effectively communicate network security issues to peers and management.
  • Experience planning, researching, and developing security policies, standards, and procedures.
  • A self-driven team player with the ability to quickly learn and apply new techniques to solve problems.

 

Remote Work

Fully remote interviews
Partially remote work

Plus

  • Experience with LogRhythm, QRadar, ELK, Azure Sentinel, etc.
  • Deep understanding of security threats: network intrusion, internal threats, malware, etc.

 

 

Interview Process

  • 1st Interview: 1.5 hours, meet with hiring managers + HR
  • 2nd Interview: 1 hour, meet with Taiwan Director + HR

 

Compensation commensurate with experience.

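Employee Benefits

Statutory Benefits

Labor insurance, National Health Insurance, annual (special) leave, labor pension, marriage leave

Other Benefits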

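Work well, rest well

  • Annual leave from your first day: 15 days in the first year (prorated by start date)
  • 5 days of fully paid sick leave and 3 days of fully paid menstrual leave per year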

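Grow together, keep improving

  • Subsidies for attending conferences and external training (full-time employees)
  • Certification subsidies (full-time employees)
  • Study-group clubs on diverse topics such as front end, back end, SRE, and blockchain (all employees)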

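We work hard, and we live fully too

  • Health checkup subsidy (full-time employees)
  • Club subsidies: various sports clubs, a board game club, a video game club, and a "What Are We Doing This Week" club
  • Regularly restocked snack and drink cabinet, espresso machine, and sparkling water maker
  • Comfortable open-plan office, a 5-minute walk from MRT Taipei 101 station
  • Flexible working hours and flexible remote work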

Salary Range

NT$ 630,000 - 1,200,000 (annual salary)