On behalf of our client, a multinational information technology company providing IT and telecommunication services to the air transport industry, we are sourcing for an experienced hands-on Security Analyst to identify and evaluate risks, conduct log analysis and act upon security threats across a complex and dispersed IT estate.
The Security Analyst will carry out the threat analysis and handling process to ensure the efficient and timely mitigation of security threats, and will understand the risks and potential business impacts of both the threats and the mitigation measures.
By leveraging the Security Information and Event Management (SIEM) platform and the current security toolset, the Security Operations Center (SOC) team members are expected to investigate security issues and conduct root cause analysis, as well as resolve or escalate security incidents. Their responsibilities also involve communicating the agreed action plan and following up with the resolver groups, clients and production teams.
- Monitoring security log sources and alerts from the SIEM and other threat detection systems for threat activity. Interpreting, conducting analysis and making recommendations for resolution.
- Hunting potential internal and external threats and developing detection mechanisms and reports.
- Handling security incidents in line with the incident response processes.
- Assuring the prompt and adequate follow-up on priority action items with resolver groups.
- Producing security incidents reports and recommendations.
- Following, maintaining and helping in the evolution of the SOC processes and procedures, including use case, SOP, etc.
- Working with resolver groups to evaluate and recommend new security practices and solutions.
- Providing security advice and promoting security awareness to other IT teams and clients.
- Working actively on evolving our threat detection and team efficiency by acting on noise and false positives.
- Helping in the production of threat intelligence and IoCs by leveraging threat information from past incidents, sandbox reports, malware reversing and data forensics.
- At least 3 years of working within a mature SOC organization or as a security threat analyst in an equivalent security environment.
- Minimum of 2-3 years of experience in information technology in Windows servers, Linux or networking. Experience in using SIEM technologies, endpoint protection, IDS and other security technologies.
- High level of analytical and problem-solving skills.
- Good understanding of system and application logs from a variety of platforms, from firewalls and domain controllers to IDS, etc.
- Technical expertise in multiple security technologies would be an advantage including security incident handling experience.
- Good knowledge of threat intelligence data, IoCs, threat actors, the kill chain, STIX/TAXII, etc.
- Experience in the pen testing/ethical hacking field.
- Skills in network analysis, sandboxing, malware reversing or forensics.
- Strong knowledge of vulnerabilities, CVEs, 0-days and their potential impacts.
- Experience with IT compliance assessments (ISO 27000 etc.).
- Certified Information Systems Auditor
- Global Information Assurance Certifications (GIAC) e.g. Certified Incident Handler (GCIH), Certified Intrusion Analyst (GCIA), Certified Enterprise Defender (GCED) or other relevant GIAC certifications
Additional Job Information
- Permanent position
- Working location: eastern part of Singapore
- Interested candidates must be open to supporting staggered shift hours (no overnight shift) and weekend support.
- Work Pass Job Seekers NEED NOT Apply
Please send your updated CV in MS Word format to email@example.com.
We regret that only shortlisted candidates will be notified.
GMP Technologies (S) Pte Ltd | EA Licence: 11C3793 | EA Personnel: Christopher Wong | Registration No: R1104673