S$8000 - S$11000 per annum + Variable Bonus
12 months ago
Cyber Security Detection and Response Specialist - Regional
- Global leading MNC
- Opportunity to be part of the Global Cyber Security team and manage Cyber Threat Intelligence, Security Event Response, Incident Response and Forensics
- The role offers a strong career progression and a platform to strengthen your experience
The main objective of the regional Cyber Security Detection and Response Specialist is to monitor for and respond to cyber threats facing network, system and information assets.
The Cyber Security Detection and Response Specialist will achieve this objective by analyzing threat intelligence, performing security monitoring activities and conducting incident response in a proactive manner.
Cyber threat intelligence: Curate and analyse information in the context of the business to enable a course of action that can be undertaken to improve security or support decision making.
* Collaborate on defining intelligence requirements to support overall cybersecurity strategy and operations.
* Collect data from relevant sources, including commercial and open-source feeds, and produce intelligence products.
* Collaborate with regional SO functions and share relevant threat intelligence.
* Interface with Vulnerability Management team as appropriate to share threat intelligence information.
* Respond to requests for information by stakeholders and provide support for briefings as needed.
* Incorporate threat intelligence into security operations capabilities and maintain a repository for threat intelligence.
Security event monitoring: Perform monitoring of designated network, system and information assets for security events to promptly detect cyber incidents and mitigate their impact to the organization.
* Perform security monitoring functions in line with defined playbooks.
* Follow escalation procedures and workflows for security events as necessary.
* Assist with the collection and aggregation of performance metrics.
Incident response: Assist with the development of scenario-based procedures, classifications, techniques, and guidance.
* Support regional incident triage activities and tracking of critical cybersecurity incidents from initial detection through final resolution.
* Assist in handling security incidents from other co-partner teams.
* Assist with and participate in annual incident response training to ensure readiness across regions.
* Support compliance with any applicable regulatory requirements for cyber incidents.
Proactive leadership: Actively communicate and keep abreast of the latest trends in threat intelligence, security monitoring and incident response.
Education and Work Experience
* CISSP, GCIH, GCFA/GCFE certifications are mandatory. Bachelor's or Master's degree in Computer Science, Information Security, Information Systems, Computer Engineering, or a related field is required.
* 5 years of relevant work experience in threat intelligence, security monitoring, incident response and forensics lifecycle.
* 3 years of Financial Services, Fintech and/or Banking and automotive experience preferred.
* 3 years of experience triaging security events using a variety of tools including Splunk in a security operations environment.
* 3 years of experience with packet flow, TCP/UDP traffic, firewall technologies, IDS technologies (e.g., Snort rules), proxy technologies, Data Loss Prevention (DLP) and antivirus, spam and spyware solutions.
* 5 years of experience conducting incident response activities and seeing incidents through to successful remediation.
* 3 years of experience in managing and developing Splunk security use cases.
* Experience with a programming/scripting language such as Python, Perl or similar.
* Deep knowledge of computer networking concepts and protocols (including OSI and TCP/IP layer models) and network security methodologies.
* Deep knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
* Strong understanding of network traffic analysis methods including packet-level analysis.
* Basic understanding of RegEx.
* 3 years of experience dealing with malware analysis concepts and methodologies to include code de-obfuscation techniques, dynamic and static code analysis, and malware execution concepts (dropper, implant, payload, etc).
* Solid ability to employ incident handling methodologies.
* Deep knowledge of cyber kill chain.
* Deep understanding of threat intelligence lifecycle.
Please send your resume in WORD format by clicking the apply button below or contact Anju Lagah on +65 6701 1504 for a confidential discussion. Please note that only short-listed candidates will be contacted. CEI Reg. Number R1219693 (Anju Lagah).