Cyber Arc Analyst - Singapore - ITCAN PTE. LIMITED

    ITCAN PTE. LIMITED
    ITCAN PTE. LIMITED Singapore

    2 weeks ago

    Description
    Roles & Responsibilities


    Proactively hunt for potential malicious activity and incidents across the environment using advanced network- and host-based threat tools, following the MITRE ATT&CK framework.


    • Perform hunting for malicious activity across the network, endpoints, and critical assets.
    • Create hunting hypotheses, perform IOC- and TTP-based threat hunting, and share weekly reports with management on findings, misconfigurations and use case development, with suggested countermeasures.
    • Expertise in hunting, managing, and writing detections using logs from Endpoint Detection and Response (EDR) solutions such as Carbon Black EDR, CrowdStrike EDR and Cortex XDR.
    • Research the TTPs used by APT threat groups during sophisticated cyber-attacks.
    • Collaborate with the technical and threat intelligence teams to provide indications and warnings, and contribute to predictive analysis of malicious activity.
    • Perform cyber security threat hunting and detection activities with a specific focus on countering adversary Tactics, Techniques and Procedures (TTPs).
    • Contribute to the tuning and development of security information and event monitoring (SIEM) use cases and other security control configurations to enhance threat detection capabilities.
    • Familiarity with threat modelling, development of attack plans, performing manual and automated ethical hacking, and developing proof-of-concept exploits.
    • Evaluate new security technologies and products, and perform engineer-level work and analysis to determine whether solutions should be pursued.

    Additional Details:

    • It is a client-serving role; KPIs and SLAs are expected on role service tasks.
    • Location is at the client's premises. Synapxe ASOC's current location is at Serangoon, but they will be moving to One North sometime in Q3 , Q
    • ASOC operates on a 24x7 basis. Although the contract states working hours of 7am to 5:30pm, threat hunting (TH) and incident response (IR) staff are expected to support after business hours in the event of an incident.

    Cyber Threat Hunting
    Security Risk
    Tactics
    Predictive Analysis
    java security
    Cyber Security
    Unix Security
    RFID Security
    Data Security
    IT-Security
    Tuning
    MCSA Security
    Writing
    Threat Intelligence
    Cyber Security Management