Principal/Lead IT Security Specialist (Cyber-threat Intelligence)

Contract Type: Permanent

Location: Singapore

Industry: Information Technology

Reference:

Contact Name: Yvonne Tang

Contact Email:

Published Date: 26 July 2021

Yvonne Tang

Managing Consultant

Licence Number: R1110355

Job Description

Responsibilities:

Singaporeans and PRs only

The incumbent will be responsible for processing, organizing and analyzing security telemetry collected from various systems to identify and report on emerging cyber threats, especially from known threat actors. This includes the acquisition and curation of cyber intelligence data from various sources to supplement and enrich existing logs.


Duties & Responsibilities

  • Conduct proactive threat hunting and analysis using the following intelligence sources for actionable IOCs/TTPs:

      • open source

      • vendor and private sources

      • internal sources

      • government partners

  • Develop preventive actions and countermeasures for detected IOCs/TTPs.

  • Develop SIEM (Splunk) rules and use cases for monitoring relevant IOCs/TTPs.

  • Identify emerging threat concerns and intelligence requirements.

  • Generate new IOCs/TTPs based on telemetry collected.

  • Develop reports and deliver briefings for various levels of management with regard to current and emerging threats.

  • Collaborate with other teams to integrate and automate threat intelligence with security tools.

  • Evaluate new threat feeds and their relevance to the environment.

  • Evaluate and implement a Threat Intelligence Platform.

  • Assist in incident investigation and forensics.

Requirements

Qualifications

  • Degree in Computer Engineering, Computer Science, Information Systems or equivalent qualification.

  • At least 5 years of experience in cybersecurity with at least 3 years in handling cyber-threat intelligence related work.

  • Knowledge of prominent cyber threat actors and APT groups.

  • Experience with Threat Intelligence Platforms.

  • Experience with SIEM (especially Splunk) and SOAR (especially Demisto).

  • Scripting skills such as Python, Perl, PHP.

  • Certifications such as GCTI or equivalent will be an added advantage.

Please send your resume in Word format to tang.yvonne@gsp-asia.com