Security Operations Specialist

We Are

YouTrip is at the forefront of Asias financial revolution defining the future of digital finance with its leading multicurrency payment platform. Launched in 2018 YouTrip has swiftly ascended as a powerhouse orchestrating billions in transactions annually and securing the trust of millions. With innovative solutions like YouTrip for consumers and YouBiz for businesses we offer unmatched financial ease and costeffectiveness. Fresh off a successful US$50 million Series B funding round led by Lightspeed Venture were setting new benchmarks in the digital financial services sector.

At the heart of our mission is a commitment to eliminate financial borders across Asia propelling us into the next wave of digital finance.

Job Description: Security Operations Specialist

Were looking for a Security Operations Specialist to join our team. The candidate is part of the First Line of Defense (FLOD) and shall be responsible for supporting the groups Security Operations Centre. The candidate shall be responsible for identifying assessing and mitigating security risks associated with our fintech operations and support ongoing security monitoring efforts. You will work closely with crossfunctional teams to implement and enhance security measures ensuring compliance with industry standards and regulatory requirements. The ideal candidate has a strong background in cybersecurity operations and a deep understanding of the unique challenges in the FinTech or financial industry space.

Key Responsibilities

• Capture and analyze security event logs from various sources including servers network devices applications and cloud platforms to extract actionable security insights and identify security gaps.
• Develop build and refine detection rules and correlation logic to enhance the accuracy and efficiency of security monitoring leveraging industry frameworks like MITRE ATT&CK and the Cyber Chain.
• Design and implement tools to orchestrate and automate security monitoring leveraging SOAR platforms and scripting (e.g. Python PowerShell) to streamline repetitive tasks.
• Build and maintain security incident response playbooks and create meaningful reporting metrics to track the effectiveness and efficiency of SOC activities.
• Assist with the Data Loss Prevention efforts.
• Assist with investigations of security events and incidents collaborating with incident response teams to mitigate risks and prevent future incidents.
• Investigate and respond to security incidents using findings from log analysis promptly addressing threats and vulnerabilities in collaboration with the response team.
• Contribute to incident response sessions participating in root cause analysis lessons learned and helping to implement improvements to enhance incident detection and prevention strategies.
• Coordinate with external DFIR vendors to conduct indepth forensic analysis and manage complex security incidents ensuring effective collaboration and resolution.
• Collaborate with AWS & GCP administrators and engineers to address identified vulnerabilities and ensure security in a dynamic cloudbased environment.
• Develop cuttingedge detection content using advanced security frameworks and techniques ensuring alignment with the latest industry innovations and trends.
• Ensure adherence to industry best practices local and global regulatory requirements and the companys strategic objectives in cybersecurity.
• Work closely with key stakeholders to identify respond to and remediate information security issues across the organization.
• Support internal and external audits.
• Contribute ideas and solutions to a fastpaced evolving team focused on operational excellence and the continuous improvement of SOC processes.
• Contribute to the ongoing maturity of the Security Operations team helping to shape SOC strategies and enhance the overall effectiveness of security operations.
  
  

Requirements:

• Bachelors degree in Cybersecurity Computer Science or Information Technology
• Experience with SIEM tools (e.g. Splunk QRadar LogRhythm or similar).
• Handson experience with log management and analysis tools (e.g. OpenSearch LogRhythm Graylog).
• Strong understanding of cloud security best practices and AWS security services (e.g. AWS Security Hub AWS Config AWS CloudTrail AWS GuardDuty).
• Proficiency in scripting languages (e.g. Python PowerShell) and automation tools (e.g. SOAR).
• Strong understanding of security frameworks including MITRE ATT&CK Cyber Chain and NIST.
• Experience with cloud security and familiarity with AWS & GCP environments.
• Excellent communication and collaboration skills with the ability to work crossfunctionally.
• Industry certifications (e.g. CISSP CEH GCIH) are a plus.
• 610 years of experience with SIEM or indepth operational experiences in a SOC function with strong familiarity of metrics tools and processes

Required Experience:

Senior IC