Monitor third party security feeds, forums, and mailing lists to gather information related to the client through automated means
Produce intelligence outputs to provide an accurate depiction of the current threat landscape and associated risk through the use of customer, community, and open source reporting
Produce actionable intelligence information for delivery to colleagues and customers in the form of technical reports, briefings, and data feeds
Review vulnerabilities advisories
Review and process threat intelligence reports
Perform detailed investigative works into all traffic anomalies against established, historical baselines of individual agencies. Reviewing and profiling the events of all monitored clients
Assess each event based on factual information and wider contextual information available
Review, propose and generate reports to automate or reduce low value event escalations
Build rules and intelligence to detect such threats and proliferate to all monitored networks. Implementing and devising detection method of such threats in our security operations through SIEM Rules, DB scripts etc.
Perform periodic analysis of security events, network traffic, and logs to engineer new detection methods, or create efficiencies when available
Supports the development of tactics, techniques, and procedures in providing proactive threat hunting and analysis against the available information sources (e.g. Netflow, DNS and Firewall logs, etc.)
Assist the Security Analysts with the investigative works
Prepare training programme for Security Analyst and conduct knowledge sharing sessions for Security Analyst
Fulfil Change Requests, Service Requests and respond to internal / external enquiries with regards to detection Use Case
Any other tasks as assigned
Requirements
Degree holder with at least 5 years' of experience in related field and capacity
Prior experience working in a Security Operations Centre (SOC) or Computer Emergency Response Team (CERT/CIRT).
Possessed deep interest in open source research and critical thinking / contextual analysis abilities
Investigative and analytical problem solving skills
An understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security;
Related professional cyber security certification, such as GCIA, CEH, will be preferred.
Experience with intelligence analysis processes, including Open Source Intelligence (OSINT) and closed source intelligence gathering, source verification, data fusion, link analysis, and threat actor.
Ability to research and characterize security threats to include identification and classification of threat indicators
Beware of fraud agents! do not pay money to get a job
MNCJobz.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.