Our client is one of the largest Singaporean System Integrators and is looking for a Threat Analyst to perform detailed security analysis and investigation work for customers.
* Produce intelligence outputs to provide an accurate depiction of the current threat landscape and associated risk through the use of customer, community, and open source reporting
* Produce actionable intelligence information for delivery to colleagues and customers in the form of technical reports, briefings, and data feeds
* Participate in regular threat focus meetings with fellow SOCs
* Perform detailed investigative work into all traffic anomalies against established, historical baselines of individual agencies. Review and profile the events of all monitored clients
* Assist the Security Analysts with their investigative work
* Build rules and intelligence to detect such threats and proliferate them to all monitored networks. Devise and implement detection methods for such threats in our security operations through CESM IE/MCE Rules, DB scripts, etc.
* Work with R&D on new signature packages for deployment
* Filter and fine-tune the security events flowing to our databases
* Prepare training programmes for Security Analysts. Conduct knowledge sharing sessions for Security Analysts.
* Work with the engineering team to set up new initiatives, i.e. a honeypot on the Internet ADSL link, to improve security incident detection capabilities
* Monitor real-time third-party security feeds, forums, and mailing lists to gather information on vulnerabilities and exploits related to the client
* Assess each event based on factual information and wider contextual information available
* Any other tasks as assigned
* Degree holder with at least 3 years of experience in a related field and capacity
* Prior experience working in a Security Operations Centre (SOC) or Computer Emergency Response Team (CERT/CIRT).
* Possess a deep interest in open source research and critical thinking / contextual analysis abilities
* Investigative and analytical problem solving skills
* An understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security
* A related professional cyber security certification, such as GCIA or CEH, will be preferred.
* Experience with intelligence analysis processes, including Open Source Intelligence (OSINT) and closed source intelligence gathering, source verification, data fusion, link analysis, and threat actor.
* Ability to research and characterize security threats to include identification and classification of threat indicators.