Senior Consultant (Cyber Threat Analytics), National Cyber Threat Monitoring Centre, CSA
MINISTRY OF COMMUNICATIONS AND INFORMATION
Information Technology, Public / Civil Service
Established on 1 April 2015, the Cyber Security Agency of Singapore (CSA) provides dedicated and centralised oversight of Singapore's national cybersecurity functions. It is the national body overseeing cybersecurity strategy, operation, education and outreach, and ecosystem development. It is part of the Prime Minister's Office and is managed by the Ministry of Communications and Information.
The National Cyber Threat Monitoring Centre (NCTMC) enables the Government to deal more effectively with cyber threats of national significance by enhancing capabilities in early threat discovery and sense-making.
As a member of the cyber threat analytics team within NCTMC, you will undertake an operational responsibility in performing cyber threat discovery. Your responsibilities include:
- Understanding data structures, and transforming, analysing and visualising data to uncover cyber-attack patterns or derive meaningful insights from a variety of sources (e.g. private feeds, open-source data, network logs, etc.).
- Leveraging cutting-edge technologies as well as traditional SOC capabilities (such as SIEMs) to pivot from threat intelligence into enterprise data, so as to produce analytics to detect new or stealthy attacks.
- Enhancing existing Security Operations Centre (SOC) processes and performing reviews to optimise existing workflow and operations in the SOC, in alignment with the business requirements, and contributing to the long-term strategy and planning.
- Communicating meaningful insights in a timely manner to alert stakeholders to possible cyber threats and attacks, so as to facilitate timely threat mitigation.
- Integrating information from multiple sources to better understand the technical sophistication of cyber threats and attacks and to identify security breaches; researching and developing forecasting/analytical methodologies to make correlations and perform trend and pattern analysis to identify, assess and project future cyber threat scenarios.
- You will also be required to work closely with internal and external stakeholders to corroborate analysis and findings.
- Relevant qualifications in Cyber/Information Security or Computer Science/Engineering or related fields.
- At least 5 years of working experience as a SOC Manager or Tier-2 Security Analyst in a SOC environment.
- Experience in developing detection use cases for a variety of logs (e.g. Security Events, Firewall).
- Experience in cybersecurity operations will be an advantage.
- Strong technical knowledge and background in analysis.
- Strong technical skills (e.g. ability to code and script; knowledge and usage of regular expressions; etc.). Professional certifications such as CISSP, CISA, GCIA and OSCP are a plus.
- A team player with strong analytical and quantitative skills.
- Excellent oral and written communication and interpersonal skills.
- Keen interest in working in a fast-paced environment and being constantly exposed to emerging cybersecurity issues.
All applicants will be notified on whether they are shortlisted or not within 4 weeks of the closing date of the job posting.
Closing on 12 May 2021