Security Engineer - Cyber Security Operations

About the Role We're seeking a Security Engineer to join our growing Cyber Security team. This is a hands-on operational role focused on strengthening our organisation's security posture through day-to-day security operations, including alert triage, endpoint security, vulnerability management, and incident response support. You'll work closely with IT and infrastructure teams to enhance our detection and response capabilities, making this an excellent opportunity for someone with a strong foundation in security operations who wants to make a tangible impact on organisational security. Key Responsibilities Endpoint & Detection Operations Operate and fine-tune the organisation's EDR platform (e.g., CrowdStrike) Monitor and investigate security alerts, escalating complex incidents as required Perform initial triage and coordinate with IT/engineering teams for remediation Maintain and tune detection rules, watchlists, and response playbooks Build and improve dashboards to track alert volumes, trends, and key performance indicators Vulnerability & Exposure Management Conduct regular vulnerability scans across endpoints, servers, containers, and cloud workloads Review and validate scan results, suppress false positives, and prioritise remediation by risk Collaborate with system owners to track remediation efforts and verify patch completion Support broader security initiatives including secure configuration baselines and asset inventory accuracy Incident Response Support Assist with evidence collection, log analysis, and containment activities during security incidents Participate in post-incident reviews and contribute to lessons learned Maintain response documentation, runbooks, and readiness procedures Security Tooling & Automation Maintain integrations between EDR, SIEM, vulnerability scanners, and ticketing systems Automate repetitive operational tasks such as alert enrichment, ticket creation, and alert routing Develop and contribute to scripts and playbooks that improve detection accuracy and response speed Security Hygiene & Business-as-Usual Improvements Enforce endpoint baseline configurations and hardening standards Support user access reviews and basic identity and access management (IAM) hygiene checks Participate in periodic compliance reviews, audits, and security reporting activities 4+ years of experience in security operations, SOC, or similar technical security role Bilingual proficiency in English and Chinese (written and verbal) Strong communication skills with ability to clearly explain technical security concepts to both technical and non-technical stakeholders Hands-on experience with endpoint detection and response (EDR) platforms such as CrowdStrike, SentinelOne, or Microsoft Defender Practical knowledge of vulnerability management tools and processes (e.g., Qualys, Tenable, Rapid7) Strong understanding of common attack vectors, malware behaviour, and threat hunting fundamentals Experience investigating security alerts and performing log analysis Familiarity with security frameworks and standards (e.g., NIST, CIS Controls) Basic scripting skills (Python, PowerShell, or Bash) for automation tasks Strong analytical and problem-solving abilities with attention to detail