Cyber Threat Analyst
ENSIGN INFOSECURITY (CYBERSECURITY) PTE. LTD.
S$4000 - S$6000
Duties & Responsibilities:
- Produce intelligence outputs to provide an accurate depiction of the current threat landscape and associated risk through the use of customer, community, and open source reporting
- Produce actionable intelligence information for delivery to colleagues and customers in the form of technical reports, briefings, and data feeds
- Participate in regular threat focus meetings with fellow SOCs
- Perform detailed investigative works into all traffic anomalies against established, historical baselines of individual agencies. Reviewing and profiling the events of all monitored clients
- Assist the Security Analysts with the investigative works
- Build rules and intelligence to detect such threats and proliferate to all monitored networks. Implementing and devising detection method of such threats in our security operations thru CESM IE/MCE Rules, DB scripts etc.
- Works with R&D for new signature package for deployment.
- Filtering and fine-tuning the security events flowing to our databases
- Prepare training programme for Security Analyst and conduct knowledge sharing sessions for Security Analyst
- Working with engineering team to set up new initiatives i.e. honeypot on the Internet ADSL link to improve security incident detection capabilities
- Monitor real-time third party security feeds, forums, and mailing lists to gather information on vulnerabilities and exploits related to the client
- Assess each event based on factual information and wider contextual information available
- Any other tasks as assigned
- Degree holder with at least 5 years' of experience in related field and capacity
- Prior experience working in a Security Operations Centre (SOC) or Computer Emergency Response Team (CERT/CIRT).
- Possessed deep interest in open source research and critical thinking / contextual analysis abilities
- Investigative and analytical problem solving skills
- An understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security;
- Related professional cyber security certification, such as GCIA, CEH, will be preferred.
- Experience with intelligence analysis processes, including Open Source Intelligence (OSINT) and closed source intelligence gathering, source verification, data fusion, link analysis, and threat actor.
- Ability to research and characterize security threats to include identification and classification of threat indicators
Closing on 13 Feb 2021