[Tech] CERT - Cybersecurity Incident Analyst
Category
Core Tech (AI/DATA/Cloud/Security)
Due date
2025.04.30
Job group
Security
Experience Level
Experienced 3 years or more
Job Types
Full-time
Locations
Seoul / Gyeonggi서울특별시 강남구 대치동

[Job Description]

  • Incident ​analysis ​and ​response for ​cybersecurity breaches across the ​entire ​IT infrastructure, ​including Hyundai Motor's ​domestic group ​companies ​and overseas ​operations.
  • Security ​incident ​response (Cyber Security ​Incidents, ​Abuse, Insider Threats, ​etc.).
  • Derivation ​of ​Tactics, Techniques, and ​Procedures (TTP) ​through ​incident analysis ​and establishment ​of ​response protocols.
  • Identification of ​anomalies and ​development of response strategies based on large-scale log analysis.
  • Identification of potential threats within the group and evaluation and mitigation of residual threats.
  • On-call availability to prepare for incidents that may occur outside of regular working hours.


[Minimum Qualifications]

  • Ability to communicate effectively.
  • More than 8 years of experience in incident response.
  • Practical experience in responding to security and breach incidents in cloud environments (AWS, Azure, etc.).
  • Experience in incident response using EDR tools (e.g., HX, Sentinel One, Genian).
  • Experience with SIEM or Splunk.
  • Experience in detecting and analyzing anomalies based on large-scale log data.


[Preferred Qualifications]

  • Experience in Threat Hunting.
  • Experience in analyzing virtual environments (VM, VDI, etc.) and cloud platforms (AWS, Azure, etc.).
  • Understanding of malware behavior.
  • Experience in developing automation and scripting (Python, Go, Linux Shell, Perl, PowerShell).
  • Knowledge of or practical experience with MITRE ATT&CK framework.


[Recruitment Process]

  • Application Submission → Application Review → Job Competency Test (Coding or Task Test) & HMAT → First Interview → Second Interview → Salary Negotiation & Medical Check-Up → Final Decision & Job Offer


[Reminder]

  • This is an ongoing recruitment process and job postings will close once the positions are filled. The recruitment process and schedule are subject to change.
  • Applications of socially prioritized groups (veterans eligible for employment support, individuals with disabilities) will be given preference in accordance with relevant laws and internal company regulations.
  • Depending on the job position and responsibilities, an English proficiency interview, reference check, or other procedures may be conducted.
  • If Hyundai AutoEver determines that another position is more suitable based on the applicant's experience and competencies, the applied position may change.
  • Assigned departments and work locations may be subject to change based on company circumstances.
  • Applicants may face disqualification from the recruitment process or cancellation of an offer in the following cases.

- If the application contains false information or supporting documents cannot be verified.

- If the applicant has restrictions on international travel. (for male applicants, military service

must be completed or exempted by the company's designated start date)

- If the applicant is unable to join the company on the designated start date after final

acceptance.

Share
[Tech] CERT - Cybersecurity Incident Analyst

[Job Description]

  • Incident ​analysis ​and ​response for ​cybersecurity breaches across the ​entire ​IT infrastructure, ​including Hyundai Motor's ​domestic group ​companies ​and overseas ​operations.
  • Security ​incident ​response (Cyber Security ​Incidents, ​Abuse, Insider Threats, ​etc.).
  • Derivation ​of ​Tactics, Techniques, and ​Procedures (TTP) ​through ​incident analysis ​and establishment ​of ​response protocols.
  • Identification of ​anomalies and ​development of response strategies based on large-scale log analysis.
  • Identification of potential threats within the group and evaluation and mitigation of residual threats.
  • On-call availability to prepare for incidents that may occur outside of regular working hours.


[Minimum Qualifications]

  • Ability to communicate effectively.
  • More than 8 years of experience in incident response.
  • Practical experience in responding to security and breach incidents in cloud environments (AWS, Azure, etc.).
  • Experience in incident response using EDR tools (e.g., HX, Sentinel One, Genian).
  • Experience with SIEM or Splunk.
  • Experience in detecting and analyzing anomalies based on large-scale log data.


[Preferred Qualifications]

  • Experience in Threat Hunting.
  • Experience in analyzing virtual environments (VM, VDI, etc.) and cloud platforms (AWS, Azure, etc.).
  • Understanding of malware behavior.
  • Experience in developing automation and scripting (Python, Go, Linux Shell, Perl, PowerShell).
  • Knowledge of or practical experience with MITRE ATT&CK framework.


[Recruitment Process]

  • Application Submission → Application Review → Job Competency Test (Coding or Task Test) & HMAT → First Interview → Second Interview → Salary Negotiation & Medical Check-Up → Final Decision & Job Offer


[Reminder]

  • This is an ongoing recruitment process and job postings will close once the positions are filled. The recruitment process and schedule are subject to change.
  • Applications of socially prioritized groups (veterans eligible for employment support, individuals with disabilities) will be given preference in accordance with relevant laws and internal company regulations.
  • Depending on the job position and responsibilities, an English proficiency interview, reference check, or other procedures may be conducted.
  • If Hyundai AutoEver determines that another position is more suitable based on the applicant's experience and competencies, the applied position may change.
  • Assigned departments and work locations may be subject to change based on company circumstances.
  • Applicants may face disqualification from the recruitment process or cancellation of an offer in the following cases.

- If the application contains false information or supporting documents cannot be verified.

- If the applicant has restrictions on international travel. (for male applicants, military service

must be completed or exempted by the company's designated start date)

- If the applicant is unable to join the company on the designated start date after final

acceptance.