ZILO is focused on transforming the global asset management sector to create sustainable value for firms and the customers they serve. To achieve this, we started with a clean technology slate, a design-driven approach, and a commitment to put people first. ZILO's technology enables firms to replace legacy technologyand end-of-life systems, many of which were developed 30+ years ago, and slash costs, risk, and user friction along the way.
This digital transformation journey requires strong partnerships with our customers to modernise and expand their product and service propositions by unifying transfer agency, fund platforms, and fund accounting into a single global solution.
While we are a young fintech, our founders, leadership, engineering, and product teams are highly experienced with successful track histories of pioneering innovation-driven businesses, products, and services in our sector. Our collective goal is to be the market leading solution in global asset management. We would also like to spread some joy along the way.
About The Role
Security is a key pillar in Zilo’s business philosophy and fundamental to our success. Reporting to the Cyber Security Operations Management, this role is responsible for the monitoring and maintaining of ZILO’s Security Operations controls and processess. The SOC is a critical component of the overall security infrastructure, responsible for detecting, analysing, and responding to security incidents and threats in real-time and Vulnerability landscape.
Where relevant, the role will assist in defining security controls across our organisation to ensure that our products and services are able to gain and maintain industry leading accreditation and build trust with our customers.
This role will be tasked with assisting in the building and maintaining a best-in-class security operations function that operates with modern technology platforms including cloud, DevOps and CI/CD.
Requirements
Responsibilities :
- Analyst: The SOC Analyst is responsible for operating the day-to-day operations and controls of the SOC, including security monitoring and analysis, incident response, and analysis of Cyber Threat Intelligence (CTI). They must assist in ensuring that the SOC is adequately monitored, equipped, and able to detect and respond to security incidents effectively.
- Security Incident Response: The Analyst must report and support management in the incident response process, including initial assessment, containment, and mitigation of security incidents. They must coordinate with relevant stakeholders, such as Cyber Security Operations management, Third parties and IT teams, as required to ensure an effective response.
- Threat Intelligence: Analyst must identify and analyse emerging threats and ensure timely action or escalation.
- Security Monitoring: SOC Analyst must monitor the organization's systems, and applications for potential security breaches, anomalies, or suspicious activity. They must ensure that the SOC is utilising the tools and technologies provided to give the best possible visibility into the organisation's security posture.
- Security Testing: The SOC will be tested on occasion through approved Penetration Tests or Red Team exercises and all SOC associates will be required to perform Blue Team response.
- Reporting and Metrics: The SOC is required to provide regular reports to senior management on their performance, including incident trends, response times, and other key metrics including Vulnerability and Configuration weakness. SOC Analysts will be required to diligently maintain records in accordance to due process and may be required to collate metrics.
SOC Analysts must have strong technical skills and knowledge of security technologies and practices. They must also possess excellent communication skills to effectively support the SOC team and be able to effectively communicate with business stakeholders and senior management.
Qualifications :
- Related field or equivalent experience (3-5 years).
- Excellent communication and interpersonal skills and flexible.
- Knowledge of industry-standard security tools and frameworks, such as ISO 27001 and NIST (advantage)
- Experience in a SOC, incident response beneficial.
- Experience in AWS, Entra (Azure), 0365, Defender, Cloudflare, or Crowdstrike beneficial.
- Strong analytical capability and excellent verbal and written communication skills.
Benefits
- You are entitled to 23 days paid holiday during each calendar year plus 15 public holidays.
- Prepared to work a bi-monthly two shift pattern: (10% shift allowance paid for afternoon shift)
- Day Shift: Aligned with standard working hours in Bangkok.