Principal/Lead IT Security Specialist (Cyber-threat Intelligence)
26 July 2021
Licence Number: R1110355
Singaporeans and PRs only
The incumbent will be responsible for processing, organizing and analyzing security telemetry collected from various systems to identify and report on emerging cyber threats, especially from known threat actors. This includes the acquisition and curation of cyber intelligence data from various sources to supplement and enrich existing logs.
Duties & Responsibilities
Conduct proactive threat hunting and analysis using the following intelligence sources for actionable IOCs/TTPs:
vendor and private sources
Develop preventive actions and countermeasures for detected IOCs/TTPs.
Develop SIEM (Splunk) rules and use cases for monitoring relevant IOCs/TTPs.
Identify emerging threat concerns and intelligence requirements.
Generate new IOCs/TTPs based on telemetry collected.
Develop reports and deliver briefings for various levels of management with regard to current and emerging threats.
Collaborate with other teams to integrate and automate threat intelligence with security tools.
Evaluate new threat feeds and their relevance to the environment.
Evaluate and implement a Threat Intelligence Platform.
Assist in incident investigation and forensics.
Degree in Computer Engineering, Computer Science, Information Systems or equivalent qualification.
At least 5 years of experience in cybersecurity with at least 3 years in handling cyber-threat intelligence related work.
Knowledge of prominent cyber threat actors and APT groups.
Experience with Threat Intelligence Platforms.
Experience with SIEM (especially Splunk) and SOAR (especially Demisto).
Scripting skills such as Python, Perl, PHP.
Certifications such as GCTI or equivalent will be an added advantage.
Please send your resume in Word format to email@example.com