MDR Analyst/ Threat Hunter

Ensign is hiring !

Responsibilities

• Setup and operating Managed Endpoint and Detection Response (MDR) program and proposing enhancement to achieve better efficiency/ effectiveness
• Operating Network Traffic Analytics (NTA) program, identification of abnormalities in client’s environment
• Performs threat hunting within the clients’ technology environments to uncover indicators of threat activities
• Performs digital forensic preservation, legal documentation and electronic discovery for incidents and investigations
• Supports the development of tactics, techniques, and procedures in providing proactive threat hunting and analysis against the available information sources (e.g. Netflow, DNS and Firewall logs, etc.)
• Supports the identification and documentation of Indicators of Compromise (IoCs)
• Leverages internal and external resources to research threats, vulnerabilities and intelligence on various threat actors and exploitation tools and platforms
• Use an analytics platform to identify threats in the available information repositories
• Perform threat research to identify potential threat vectors and work with multi-disciplines to improve prevention and detection methods
• Identify gaps in an organisation’s measurement metrics, telemetry and logging capabilities and propose enhancement strategies to achieve the intended outcomes
• Work with client’s appointed Incident Response Management team for cyber security incidents such as data security breach, Advanced Persistent Threat (APT)

Requirements

• Bachelor’s Degree in Computer Engineering, Computer Science, Cyber Security, Information Security or other equivalents
• 1 to 3 years of experience with threat hunting
• 1 to 3 years of experience in incident response handling
• 1 to 2 years of experience with digital forensics investigations
• Experience in consulting, including both internal and client facing experiences
• Ability to obtain a security clearance
• Ability to travel 20% of the time

Preferred Skills /Qualities

• 1 to 3 years of experience supporting or providing expert witness testimonials
• 1 to 3 years of experience in data analysis
• 1 to 3 years of experience in log analysis
• 1 to 3 years of experience in reverse malware analysis
• Experience with research, technical and business documentation and analysis
• Knowledge of the Singapore Law, Singapore Government regulations and policies
• Ability to demonstrate flexibility, initiative and innovation in dealing with ambiguous, fast-paced situations
• Ability to show proficiency in one or more regional languages and dialects
• Ability to show proficiency in Microsoft Office, Power BI and Tableau
• Ability to show proficiency in Forensic Toolkits, e.g. EnCase Forensics, FTK Forensics, Magnet Forensics and Write Blockers
• Ability to show proficiency in reverse malware engineering tools, e.g. IDA Pro
• Ability to show proficiency in programming and scripting, e.g. Java, .NET Programming, Python & PERL scripting, etc
• Possession of excellent presentation and briefing skills
• Possession of excellent oral and written communication skills
• Professional certifications, including EnCE, GCIH, GCFE, GCFA, GREM, GNFA, GASF, GCTI, CISSP, or other SANS certifications