Cyber Security Detection and Response Specialist - Regional
- Global leading MNC
- Part of regional and global security response team
- Working in company with appetite for latest trends and technologies
Main Objective
The main objective of the regional Cyber Security Detection and Response Specialist is to monitor for and respond to cyber threats facing network, system and information assets.
The Cyber Security Detection and Response Specialist will achieve this objective by analyzing threat intelligence, performing security monitoring activities and conducting incident response in a proactive manner.
Main Accountabilities
Cyber threat intelligence: to improve security or supports overall cybersecurity strategy
Security event monitoring: Perform monitoring of designated network, system and information assets for security events in an effort to promptly detect cyber incidents and mitigate their impact to the organization.
Incident response: Participate in incident response activities.
Proactive leadership: Actively communicate and keep abreast of the latest trends in threat intelligence, security monitoring and incident response.
Education and Work Experience
* CISSP, GCIH, GCFA/GCFE certifications are mandatory. Bachelor's or Master's degree in Computer Science, Information Security, Information Systems, Computer Engineering, or a related field is required.
* 5 years of relevant work experience in threat intelligence, security monitoring, incident response and forensics lifecycle
* 3 years of Financial Services, Fintech and/or Banking and automotive experience preferred.
* 3 years of experience triaging security events using a variety of tools including Splunk in a security operations environment.
* 3 years of experience with packet flow, TCP/UDP traffic, firewall technologies, IDS technologies (e.g., Snort rules), proxy technologies, Data Loss Prevention (DLP) and antivirus, spam and spyware solutions.
* 5 years of experience conducting incident response activities and seeing incidents through to successful remediation.
* 3 years of experience in managing and develop Splunk security use cases
* Experience with a programming/scripting language such as Python, Perl or similar.
* Deep knowledge of computer networking concepts and protocols (including OSI and TCP/IP layer models) and network security methodologies.
* Deep knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
* Strong understanding of network traffic analysis methods including packet-level analysis.
* Basic understanding of RegEx.
* 3 years of experience dealing with malware analysis concepts and methodologies to include code de-obfuscation techniques, dynamic and static code analysis, and malware execution concepts (dropper, implant, payload, etc).
* Solid ability to employ incident handling methodologies.
* Deep knowledge of cyber kill chain.
* Deep understanding of threat intelligence lifecycle.
Please send your resume in WORD format by clicking the apply button below or contact Anju Lagah on +65 6701 1504 for a confidential discussion. Please note that only short-listed candidates will be contacted.CEI Reg. Number R1219693 (Anju Lagah).
