APT L2 Engineer

Job Summary

The APT L2 Engineer will provide operational support for managing, configuring, and optimizing Advanced Persistent Threat (APT) solutions, ensuring the detection, analysis, and mitigation of advanced cyber threats.

Key Responsibilities

1. APT Solution Administration
  • Configure, manage, and optimize FireEye NX (Network Security), HX (Endpoint Security), and AX (Malware Analysis) appliances.
  • Monitor network traffic, emails, endpoints, and malware behavior to detect advanced threats.
  • Integrate FireEye solutions with SIEM tools (Splunk) for security event correlation.
  • Ensure continuous threat intelligence updates to protect against zero-day threats and APTs.
2. Incident Response & Threat Hunting
  • Investigate escalated security incidents detected by APT solutions.
  • Perform forensic analysis on infected endpoints and compromised network segments.
  • Work with SOC and threat intelligence teams to identify and mitigate APT campaigns.
  • Assist in containment, eradication, and recovery phases of cybersecurity incidents.
3. Threat Intelligence & Security Analysis
  • Analyze FireEye alerts, sandbox reports, and malware indicators (IoCs, IoAs).
  • Proactively hunt for threats using MITRE ATT&CK framework, YARA rules, and Threat Intelligence.
  • Fine-tune malware detection rules, whitelists, and signature-based alerts to reduce false positives.
  • Stay updated on emerging cyber threats, TTPs (Tactics, Techniques, Procedures), and adversary trends.
4. Security Compliance & Documentation
  • Ensure FireEye solutions comply with security frameworks.
  • Maintain and update incident response playbooks, runbooks, and security policies.
  • Assist in security audits, risk assessments, and compliance reviews.
5. System Maintenance & Performance Optimization
  • Conduct regular health checks on FireEye appliances and troubleshoot performance issues.
  • Apply firmware updates, security patches, and configuration optimizations.
  • Monitor log retention, appliance resource utilization, and storage capacity.
Education & Certification Requirements

1. Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
2. Preferred Certifications:
  • FireEye Certified Incident Responder (FCIR) - (Preferred)
  • FireEye Certified Security Analyst (FCSA) - (Preferred)
  • CompTIA Security+
Technical Skills
  • Hands-on experience with FireEye solutions.
  • Strong understanding of Advanced Persistent Threat (APT) detection and malware analysis.
  • Experience in SIEM tools integration and log analysis for security event correlation.
  • Proficiency in forensic analysis, threat hunting, and malware behavior analysis.
  • Knowledge of MITRE ATT&CK framework, YARA rules, IoCs, IoAs, and TTPs.
  • Familiarity with network security, IDS/IPS, sandboxing, and email security protocols.
Soft Skills
  • Strong problem-solving and analytical skills.
  • Ability to work under pressure and handle escalated security incidents.
  • Excellent documentation and communication skills.
  • Team player with a proactive approach to cybersecurity.
Experience Requirements
  • 3-5 years of experience in cybersecurity operations, threat analysis, or SOC/NOC environments.
  • Prior experience in FireEye APT solutions administration and incident response.

Information :

  • Company : PT Metrocom Global Solusi
  • Position : APT L2 Engineer
  • Location : Jakarta
  • Country : ID


Post Date : 2025-03-06 | Expired Date : 2025-04-05