Senior Incident Responder & Threat Hunter

Singapore, Singapore

Job Description


We drive the transformation of the financial markets. That's why we invest in bright minds, in their ideas, knowledge and development. We do that by combining our best sides.

If you would like to find out why stability makes us so agile, why experience makes us so curious and why empathy makes us so impactful, apply now for the position of

Senior Incident Responder & Threat Hunter

Singapore | working from home up to 60% | Reference 5309

SIX Security Monitoring & Incident Response (SMIR) is the central incident response team for the SIX Group and works closely with the Threat Detection & Hunting team. Both are part of the Cyber Security organization within IT. Their core mission is to proactively detect attackers within SIX by developing detection methods and hunts, and to lead the response to identified information security incidents in a professional, effective and timely manner when they occur.

What You Will Do

  • help shape the build-up of a global incident response organisation with locations in Singapore, Zurich & Madrid
  • actively perform technical analyses & forensic investigations (live forensics) and participate in incident response activities including an IR rotation & 24x7 on-call (approx. 6 weeks / year)
  • conceptualize, test, and develop threat detection use cases as well as SOAR playbooks that will guide the analysts during investigations
  • conceptualize, test, and execute proactive hunts based on latest techniques and threat intelligence reports focusing on host activities and network traffic
  • design, test, and develop integrations and automation logic among the tools in our technology stack (i.e. cloud security products, SIEM, EDR, SOAR) to support the investigation activities

What You Bring

  • 5+ years of active incident response experience in a dedicated position, including 3+ years of hands-on experience in threat hunting activities
  • 3+ years of hands-on experience in the area of scripting and automation; preferably familiar with REST APIs, Python, GitLab, and Azure DevOps
  • experience with data analytics & manual log analysis to identify and investigate security-relevant events and anomalies in multiple SIEM & EDR tools
  • in-depth knowledge of on-prem / cloud-based environments and associated practical forensic analysis techniques & artifacts
  • fluency in English (written and verbal), German and/or Spanish is a plus

If you have any questions, please call Jake Browne at +44 207 550 5415.

For this vacancy we only accept direct applications.

Diversity is important to us. Therefore, we look forward to receiving applications regardless of any personal background.

What We Offer

Flexible Work Models
We trust our employees and offer a work environment that is well-balanced, productive and fosters success.

Personal Development
You will benefit from a culture of continuous learning and feedback. Your personal growth is supported through an extensive learning offering.

Agile Working Methods
Whether through scrum or design thinking, we solve exciting tasks together in teams.

SIX Group


Job Detail

  • Job Id
    JD1340110
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Singapore, Singapore
  • Education
    Not mentioned