Monitoring security log sources and alerts from the SIEM and other threat detection systems for threat activity. Interpreting, analysing and making recommendations for resolution.
Hunting potential internal and external threats and developing detection mechanisms and reports.
Handling security incidents in line with the incident response processes.
Assuring the prompt and adequate follow-up on priority action items with resolver groups.
Producing security incident reports and recommendations.
Following, maintaining and helping in the evolution of the SOC processes and procedures, including use cases, SOPs, etc.
Working with resolver groups to evaluate and recommend new security practices and solutions.
Providing security advice and promoting security awareness to other IT teams and clients.
Working actively on evolving our threat detection and team efficiency by acting on noise and false positives.
Helping in the production of threat intelligence and IoCs by leveraging threat information from past incidents, sandbox reports, malware reversing and data forensics.
Degree in Computer Science, Data Communications, Engineering or equivalent.
Experience in using SIEM technologies, endpoint protection, IDS and other security technologies.
Over 3 years of working experience within a mature SOC organization or as a security threat analyst in an equivalent security environment.
Experience in the pen testing/ethical hacker field is a plus.
Technical expertise in multiple security technologies, including security incident handling experience, would be an advantage.
Skills in network analysis, sandboxing, malware reversing or forensics are an asset.
Strong knowledge of vulnerabilities, CVEs, 0-days and their potential impacts.
Good knowledge of threat intelligence data, IoCs, threat actors, the kill chain, STIX/TAXII, etc.
Experience with IT compliance assessments (ISO 27000 etc.).
Keeping aware and continually informed of the worldwide security landscape: new threats, actors and attacks du jour, as well as new security technologies and products.
Functional skills with regex, IDS signatures, SPL and SQL are a plus.
Certified Information Systems Auditor
Global Information Assurance Certifications (GIAC) e.g. Certified Incident Handler (GCIH), Certified Intrusion Analyst (GCIA), Certified Enterprise Defender (GCED) or other relevant GIAC certifications.
Working location: East area.
Interested candidates must be open to supporting staggered shift hours (Mondays to Fridays, no overnight shift) and weekend support.
To apply, please visit www.gmprecruit.com and search for Job Reference: 17957
To learn more about this opportunity, please contact Yingying.
We regret that only shortlisted candidates will be notified.
GMP Technologies (S) Pte Ltd | EA Licence: 11C3793 | EA Personnel: Lai Yingying | Registration No: R1110239