Senior analyst Threat & Incident Management

Location: Singapore, Singapore Salary: competitive
Sector: Banking IT Type: Permanent

Reporting to the Information Security, Threat & Incident Management unit, he/she will have the following responsibilities:

* Perform regular threat monitoring and reporting on threat landscape

* Establish and maintain governance on the effectiveness of the incident management processes

* Develop specific content necessary to implement security use cases and transform into correlation queries, rules, alerts, reports and dashboards to detect emerging threats

* Monitor the impact of deploying new content to the health and performance of the SIEM

* Lead logging enrollments from multi-tier applications into enterprise logging platforms

* Collaborate with key stakeholders to develop specific use cases to address specific business needs, and with application owners to define and establish logging standards to address various governance requirements.

* Collaborate with mission-based, expert teams to build innovative security analytics solutions that enable continuous adaptation to modern cyber-security threats

* Design, prototype, test and implement analytics used to address critical threat detection use cases utilizing big-data technologies and tools

Experience / Requirements:

  • More than 8 years of security experience in a technical role, mainly in the areas of
    • Enriching readily available log data in enterprise environments
    • Combining multiple security logs for central analysis
    • Extracting actionable indicators of compromise
    • Analyzing key components and correlating the data
    • Starting investigations to identify the threat and leading the incident response
    • Identifying lessons learnt and incorporating them to improve existing processes
  • Ability to lead junior SOC analysts to ensure triage activities meet performance standards.
  • Knowledge in Cyber Hunting, Sandboxing solutions, End Point Detection and Recovery Systems, Intrusion Detection Systems and Network security is preferred
  • Strong security background (understanding risk assessment, legal and regulatory requirements, threats, vulnerabilities, security policies etc.)
  • Excellent technical understanding of post-exploitations to nimbly detect intrusions
  • Ability to read and understand system and network traffic data including security event logs, system logs, security control logs, network packets, etc.
  • Demonstrate prior experience in scripting languages, software vulnerabilities, hacking techniques, exploits, malware analysis
  • Comprehensive knowledge of the threat landscape, adversary tactics, techniques, and procedures (TTP), general attack stages, kill-chain and attack types
  • Broad knowledge and proven experience in incident handling and incident response methodologies
  • Excellent knowledge of network security technology and various detection, analysis, troubleshooting and configuration control tools (e.g. SIEM, NIDS; DAM, Big Data Analytics, Log file and network traffic analysis, vulnerability scanner)

Huxley, a trading division of SThree Pte Limited (Registration Number: 200720126E | SThree Pte Limited Licence Number 16S8216 | Huxley Licence Number 53132076J)

Award winner of:

International Recruitment Company of the Year by Recruitment International 2016

Best Client Services by Asia Recruitment Awards 2017

Best Overseas Operation by Global Recruiters 2017