Security Engineer
Responsibilities:
About the Company
Tencent is a leading global technology company focused on connecting people and developing innovative products and services that improve the quality of life of people around the world. Founded in 1998 and publicly traded on the Hong Kong Stock Exchange since 2004, Tencent offers a variety of products and services, including leading communication and social platforms (Weixin/WeChat), high-quality entertainment (from video games, music, TV and film, sport and literature), FinTech (WeChat Pay and QQ Wallet) and industry-leading cloud products and services.
Tencent Overseas IT & Tech Platform aims to empower its rapid growth with future-ready, global tech platforms, applications, and services. We are chartered to lead the Overseas platform architecture, roadmap, and execution. Our top aspirations are to satisfy our internal/external customers and become a world-class global tech team.
Compliance and Security of Overseas IT focus on building a secured and compliant infrastructure to provide our game studios. Our team will partner with Cloud Center of Excellence, Cybersecurity Legal, Privacy office and different Business Group to deliver the best cloud and on-premises solution.
We are seeking a Security Engineer to design and implement Security SOC program for our Internal IT and Game Studios, making sure our environment is secure and compliant.
This role will work closely with our internal IT and Tencent Cloud product teams, as well as our game studios to build the best Cybersecurity SOC program. This role will be responsible for configuring, implementing, and managing SIEM, SOAR and incident response process that can detect, analyze and respond to security-related events and incidents. Some of the key responsibilities include:
Investigating security alerts for indications of breach or compromise
Threat hunting and analyzing logs from various data sources to develop custom detection rules to identify security incidents
Developing and maintaining security dashboards and reports
Maintaining SIEM platform and data quality
Collaborate with other teams and studios to investigate and respond to security incidents and potential breaches
Creating automation playbook on SOAR platform
Requirements:
Who we are looking for
Self-motivated, articulate, passionate to deliver the best result and achieve the highest customer satisfaction
Technical and capable of suggesting custom ideas to solve complex problems
Works independently and has the aptitute to learn new tools and technologies
Good customer facing skills, and can work at a very fast pace
Love satisfying customers with a state of art cloud solutions, realizing ideas, building services, and unlocking the potential of new technologies
Collaborative, independent, insistent, flexible, and open minded. And you see no conflict in any of these things
Knowledgeable, resourceful and show initiative. You always keep the customer’s objectives in mind
Positive by nature, a great team player, and both dependable and autonomous
Requirements
Knowledge and hands-on experience with SIEM, knowledge of ElasticSearch is a plus
Experience with query languages: SQL, SPL, KQL, ES|QL
Experience with SOAR Automation tools is a plus
Understanding of network protocols and architectures
Strong analytical skills to analyze and correlate large volumes of event logs from different sources
Attention to details and expertise in security technologies and tools, such as IPS/IDS, Firewalls, VPN, etc
Experience with incident response and security investigations
Experience with executive level incident reporting
Experience with programming languages Python, Java, C++, C#, Go is a plus
Strong communication skills to work with cross-functional teams
Experience with game console development kit Security is a plus
Previous experience with leading security and compliance initiatives with game development / publishing is a plus
Information security certifications: CISSP, CISA, CISM, or CEH are plus
