- BBBH798717 Nov 22, 2021 S$100-149k
Cyber Threat Hunter & responder to be the focal point of the Cyber Defence Centre for our digital venture with rapid growth & development
As we are building the core cyber security capabilities for our Bank, the Cyber Threat Hunter and Responder will drive the building and run of best-of-breed capabilities and practices in monitoring, detection and response to security events across our systems and applications.
We are building a close knit and lean team bringing in modern approaches to security, integrating cloud-native security designs, offensive security, and agile development. Working closely with our MSSP to continuously develop and improve the quality of detection and response, the Cyber Threat Hunter and Responder will also work tightly with internal stakeholders (developers, architects, business) to design adaptive controls, measure and improve our Time To Detect (xTTD) and Time To Remediate (xTTR) vulnerabilities and attacks through innovative engineering.
The Role Responsibility:
Our Digital Venture is set for a rapid growth and rapidly evolutive environment, thus the candidate will be the focal point of the Cyber Defence Centre, continuously maintaining and improving control visibility and effectiveness. The role will be set to evolve and grow over time as the company develops.
Not exhaustively, the Cyber Threat Hunter and Responder will be responsible for:
- Proactively hunting for threats and indicators of compromise in the environment
- Working alongside the SOC/Managed Security Service Provider, handling all major activities on the ground, including incident response activities and threat hunting
- Being a local focal point for SOC, ensuring MSSP SOC and MDR integration is smooth and seamless
- SIEM Engineering - building SIEM use cases, detections and playbooks, developing and managing integrations
- L1/L2 monitoring, to review and maintain effective SLAs and SLIs
- Querying, processing and manipulating data in a variety of platforms and formats
- Creating security metrics and providing analysis solutions through dashboards
- Building, testing, and maintaining the effectiveness of cybersecurity and incident response playbooks
- Working closely with Product squads, Application Security and End-user Computing to ensure threat models are established and maintained, deriving adequate control plans adapted to each business context
- Working closely with the group to ensure our Digital Venture meets and exceeds control objective requirements across cyber defence, investigations, incident response and forensics
- Automating the collection of control output artefacts and audit trails to facilitate audit and regulatory reporting
- Working with Offensive Security team to ensure the result of intrusion tests and bug bounties positively improve our capacity to detect and respond to flaws and attacks
Our Ideal Candidate:
- Has 8+ years of relevant experience, with a blend of operational analysis, incident response and proactive threat hunting
- Is a technical expert in SIEM engineering, security monitoring, threat hunting, incident response, forensics and related areas of expertise
- Is a master of the relevant tools and engines
- Has the hands-on expertise to build and support the operational objectives while the Venture is in its build phase
- Is self-driven, forward-looking and proactive in meeting the requirements but also proposing better solutions
- Understands and can articulate the risk of missing controls and need for operational visibility
- Has a solid experience in control effectiveness assessment frameworks such as MITRE ATT&CK
- Is collaborative, with a vision of how to work with developers to embed immutability, anomaly detection, forensics and normal-state resumption in the fabric of the application
- Ideally, has experience working in supporting regulated digital payment services such as payment industry & digital banking, or e-commerce services
- Is experienced in monitoring, incident response and forensics in cloud environments, including IaaS providers, cloud-native platforms (Kubernetes) and SaaS third-party applications
If you are interested in this position, please click "Apply Now" and we will review your qualifications & reach out to you for further discussion & next steps, if your skillsets meet the needs of the role.
Only shortlisted candidates will be responded to, therefore if you do not receive a response within 14 days please accept this as notification that you have not been shortlisted.
EA Licence No: 11C5502
Registration No: R1876903
Delivery Consultant | M3S
+65 6818 3144