I began as an IPS Engineer; my job is mostly security event review, reporting, and infrastructure setup for my clients, such as government agencies, banking institutions, or well-known companies in Taiwan.
Later I started leading a small team that managed a few big PoCs and over twenty small projects.
We offered network security advice to help clients keep attack events away from the company's perimeter. We also gave our professional knowledge to speed up clients' daily incident inspections.
Products:
McAfee IPS, ENS, DLP, SIEM
ArcSight SIEM (SC, Logger, ArcMC, ESM)
IBM SIEM (QRadar, Resilient)
Responsibilities:
1. Product courses for both internal staff and clients
2. Monthly / quarterly security event reporting
3. Leading / Executing PoC projects
4. Product troubleshooting
5. Script writing for SIEM semi-automation