Block.one is a software publisher specializing in high-performance blockchain technologies. Its
first project, EOSIO, an open-source blockchain protocol designed to enable secure data
transfer and high-performance decentralized applications, has received global recognition as
the first performant blockchain platform, following its introduction in May 2018.
Through its affiliate, Block.one Hong Kong provides software development and consultancy
services through its office in Central, Hong Kong. We are continuing to look for global and local
talent to join us in Hong Kong to offer creative solutions based on the latest technological
innovations and trends.
Responsibilities & Qualifications:
Respond to security incidents and perform containment and forensic investigations
Identify gaps from incidents and recommend controls for improvement
Develop and maintain incident response plans and SOPs
Develop detection use cases in SIEM
Analyze security event data for proactive threat hunting
Conduct research on latest threats and vulnerabilities to improve incident response readiness and capabilities
Assist in red team exercises and penetration tests
Shift work (either early or late) may be required
3+ years verifiable experience in Security Operations and/or Incident Response.
Bachelor’s degree in cybersecurity, computer science, or related field preferred.
CISSP, CISM, GCIA, GCIH, GCFE, GCFA, GREM, Splunk Power User, or similar certifications.
Experience in performing analysis with SIEM technologies such as Splunk and ELK.
Experience in performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks.
In-depth understanding and working knowledge of security appliances/tools such as host-based and network-based IDS/IPSes, WAFs, EDR, etc.
Strong understanding of networking protocols, operating systems, and cybersecurity concepts and technologies.
Proficient in the use of the Linux/Unix command line.
Ability to write simple automation scripts.
Experience with forensic tools, malware analysis, and cloud environments such as AWS and GCP is a plus.
Ability to work across different regions in a process/procedure driven organization.
Excellent verbal and written communication skills with a proficiency in English.