Proactively \'hunt\' for potential malicious activity and incidents across the environment using advanced threat network and host-based tools adopting Mitre Attack Framework.
Perform hunting for malicious activity across the network, endpoint, and Critical Assets.
Create hunting hypothesis and perform IOCs & TTPs based threat hunting and share reports with the management weekly on the findings, misconfiguration, use case development and provide suggestions for counter measurement.
Expertise in hunting, managing, and writing detections using logs from Endpoint Detect and Response solutions like Carbon Black EDR, CrowdStrike EDR & Cortex XDR etc.
Research on different TTP\'s for ATP Threat groups which are used by attackers during the sophisticated Cyber-attacks.
Collaborates with technical and threat intelligence team to provide indications and warnings and contributes to predictive analysis of malicious activity.
Perform cyber security threat hunting & detection activities with specific focus on countermeasure Tactics, Techniques and Procedures (TTPs)
Contribute to the tuning and development of security information and event monitoring systems (SIEM) use cases and other security control configurations to enhance threat detection capabilities.
Familiarity with threat modelling, development of attack plans, performing manual & automated Ethical Hacking, & develop proof of concept exploits.
Evaluates new security technologies and products and performs engineer-level work and analysis to determine if solutions should be pursued.
Additional Details:
It\xe2\x80\x99s a client serving role \xe2\x80\x93 there will be KPIs and SLAs expected on role service tasks.
Location is at client\xe2\x80\x99s premises \xe2\x80\x93 Synapxe ASOC\xe2\x80\x99s current location is at Serangoon but they will be moving to One North sometime in Q3 , Q4 2024.
ASOC operates on a 24x7 basis, though contract states 7am to 530pm for working hours, TH and IR folks are expected to support after business hours in the event of an incident.