Web Security Engineer – Cyber Defence – 1 Year Contract Permanent NEW

Lazada (Alibaba Group), Southeast Asia’s largest online shopping mall is seeking a subject matter expert in Detection and Response (SOC/CSIRT). The SecOps team defines and monitors security alerts and responds to security incidents across 6 Asian countries. All SecOps engineers work ~50% of operations and 50% on the improvement of our detection and response capability). We have to overcome a lot of challenges working in a large scale and dynamic environment and we can leverage Alibaba cutting-edge technology (100% Cloud, big data/AI)

Responsibilities

– Analyse web security alerts (DDoS L7, WAF, DAM, RASP, etc) and enhance our detection capability by improving detection algorithm
– Use knowledge of scraping and robot detection to proactively detect automated abuse against our platform using Alibaba Technologies
– Uncover insights into network traffic (web or mobile) if there are automated attacks
– Develop strategy & tools to combat scraping and large-scale web attacks
– Identify trends and opportunities in investigating and blocking scraping
– Create investigation reports that clearly communicate issues and risks from both a technical and business perspective
– Work with internal teams to understand what happens with exfiltrated data
– Partner with internal teams to help shape and inform bot detection technology
– Support Cloud (AWS, Alicloud) and Linux Security Investigation (will be trained if not ready)

– 1 years of relevant experience

– Used to work with WAF/Anti-DDoS L7 solutions or relevant work in Web Security
– Understanding of Network traffic (TCP/IP, OSI)
– Understanding of how HTTP and API requests are utilized
– Understanding of how Browsers and Mobile Apps (iOS/Android) operate
– Experienced querying data using SQL
– Experience with at least 1 programming language such as: Python, Java, PHP, C, C++, Go, Javascript, etc
– Experience summarizing and communicating technical data to a non-technical audience
– Singaporeans only