Job Description

• Proactively \'hunt\' for potential malicious activity and incidents across the environment using advanced threat network and host-based tools adopting Mitre Attack Framework.
• Perform hunting for malicious activity across the network, endpoint, and Critical Assets.
• Create hunting hypothesis and perform IOCs & TTPs based threat hunting and share reports with the management weekly on the findings, misconfiguration, use case development and provide suggestions for counter measurement.
• Expertise in hunting, managing, and writing detections using logs from Endpoint Detect and Response solutions like Carbon Black EDR, CrowdStrike EDR & Cortex XDR etc.
• Research on different TTP\'s for ATP Threat groups which are used by attackers during the sophisticated Cyber-attacks.
• Collaborates with technical and threat intelligence team to provide indications and warnings and contributes to predictive analysis of malicious activity.
• Perform cyber security threat hunting & detection activities with specific focus on countermeasure Tactics, Techniques and Procedures (TTPs)
• Contribute to the tuning and development of security information and event monitoring systems (SIEM) use cases and other security control configurations to enhance threat detection capabilities.
• Familiarity with threat modelling, development of attack plans, performing manual & automated Ethical Hacking, & develop proof of concept exploits.
• Evaluates new security technologies and products and performs engineer-level work and analysis to determine if solutions should be pursued.

• It\xe2\x80\x99s a client serving role \xe2\x80\x93 there will be KPIs and SLAs expected on role service tasks.
• Location is at client\xe2\x80\x99s premises \xe2\x80\x93 Synapxe ASOC\xe2\x80\x99s current location is at Serangoon but they will be moving to One North sometime in Q3 , Q4 2024.
• ASOC operates on a 24x7 basis, though contract states 7am to 530pm for working hours, TH and IR folks are expected to support after business hours in the event of an incident.

ITCAN