Senior Cybersecurity Defensive Engineer

Key Responsibilities:

• Monitor and analyze security events from SIEM, IDS/IPS, firewalls, and other security tools to detect potential threats and attacks.
• Investigate alerts and incidents, perform root cause analysis, and provide timely response and remediation.
• Develop, document, and execute incident response playbooks and procedures.
• Work closely with Offensive and Architect teams to validate threats, close vulnerabilities, and enhance defensive measures.
• Conduct continuous threat hunting to proactively identify malicious activity within the network and systems.
• Implement and fine-tune security controls, rules, and signatures for detection and prevention systems.
• Maintain and optimize endpoint protection, email security, and data loss prevention (DLP) solutions.
• Support disaster recovery and business continuity testing from a cybersecurity perspective.
• Prepare incident reports, metrics, and dashboards for management and regulators.
• Ensure defensive operations comply with BOT regulations and international standards (e.g., ISO 27001, NIST, PCI-DSS).

Qualifications:

• Bachelor's or Master's degree in Computer Science, Information Security, or related field.
• Minimum 5 years of experience in cybersecurity operations, SOC analyst, or incident response roles.
• Strong knowledge of network protocols, operating systems, malware behavior, and intrusion techniques.
• Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, ELK), IDS/IPS, and endpoint protection tools.
• Familiarity with threat intelligence platforms and frameworks such as MITRE ATT&CK.
• Good analytical, troubleshooting, and problem-solving skills.
• Strong written and verbal communication skills in both Thai and English.
• Ability to work under pressure and respond effectively during security incidents.

Your Skills:

• Expertise in monitoring, detecting, and responding to cyber threats across networks, endpoints, and applications.
• Strong incident response capability, from investigation to remediation.
• Ability to translate threat intelligence into actionable defense improvements.
• Collaborative approach to strengthen the organization's resilience against evolving cyber threats.