Team and Role Introduction:
Alibaba International Digital Commerce (AIDC) aims to further accelerate global e-commerce growth by leveraging its parent company's extensive experience and expertise in digital commerce. As a dedicated platform for international online retail, AIDC is poised to empower entrepreneurs, brands, and consumers alike with innovative digital solutions, enhancing the overall shopping experience across borders.
AIDC is seeking someone passionate about cybersecurity operations. The AIDC Security Operations Team defines and monitors security alerts and responds to security incidents. We are looking for a SOC Analyst/Engineer.
If handling cyber threats, playing with cutting-edge technologies and working with very talented professionals excites you, this might be the right place for you to work. You are very welcome if you have or want to develop expertise in these domains: Intrusion Detection & Analysis, Incident Response and Threat Hunting.
Do you want to join a fast-growing E-Commerce company which uses technologies such as Big Data, AI, DevOps, Cloud Computing and automation on a large scale? Do you want to join a multi-cultural company that provides great career development opportunities? Welcome to AIDC!
Key Responsibilities:
• Handle priority security alerts from different security tools and reports (phishing email, malware, intrusion, data leak, vulnerability, etc.) in a timely manner.
• Take lead in investigating the incidents and guide colleagues in incident handling.
• Find new patterns/anomalies and translate the findings into improved detection capabilities by creating new alerts and/or fine-tuning existing ones on our big-data SIEM.
• Automate and develop tools/scripts to improve our detection and response capability (Python, SOAR, etc.).
• Own, administer and manage security engineering projects.
• Write and maintain Security Operations playbooks and standard operating procedures.
• Participate in Blue/Purple team exercises to test and improve our monitoring and response capabilities.
• Perform root cause analysis and publish findings in the form of reports.
About You:
• Good knowledge of operating systems (Windows, Mac & Linux), common network protocols, traffic analysis and security technologies such as NGFW, IPS, IDS, EDR and SIEM.
• Programming experience in Python, shell scripting or another language
• BS/MS in Computer Science with 4+ years of experience
• English working proficiency (written and spoken)
• Passionate, curious, eager to learn.
Preferred qualifications:
• Relevant SOC experience in handling security alerts, analysis and response
• Experience exploring logs, log management and SIEM operation
• Good working knowledge of security systems, networks and architectures
• Understanding of NIST, MITRE frameworks and OSS projects
• Knowledge of vulnerability management, handling Zero day situations and pen-testing
• Feel ownership of and accountability for security operations
• Digital Forensics & Incident Response: have worked on the highest escalation situations and have been in complex incident situations
• Proficient in programming with good knowledge of APIs
Bonus Points:
• Certifications like OSCP, OSEP, GCWN, GCIA, GCIH, GMON, GCFA, GREM
• Experience with hackathons, CTF and other recognition boards
• Research publications and contribution to OSS community