
Threat and Incident Response Analyst
Posted May 25

This is a fully remote position, open to applicants in Singapore.
• Identify and assess cybersecurity threats that affect the organization's environment.
• Take responsibility for the proactive detection of new attacks using advanced security monitoring tools and techniques.
• Investigate and address recognized security incidents by following a defined incident response protocol.
• Develop playbooks and processes to effectively respond to incidents.
• Work in conjunction with the engineering team to automate responses to security incidents.
• Recognize emerging threats and ensure that the organization's detection and response capabilities are updated according to the latest threat landscape.
• Conduct threat modeling across various technologies and applications within the organization, ensuring that all identified threats have the necessary security controls implemented.
• Identify relevant data sources and security monitoring use cases that align with the organization's threat defense needs and integrate them into the SIEM platform.
• Manage and operate the SIEM platform.
• Utilize security tools such as SIEM, EDR, WAF, IDS, and Netflow to investigate and respond to threats.
• Evaluate, curate, and manage Threat Intelligence feeds to support the correlation of security events.
• Participate in an on-call rotation for 24/7 support of security operations.
• 5-7 years of professional experience in the information security sector, focusing on security/threat analysis and prevention/detection technologies.
• Strong analytical abilities and a self-driven attitude to learn and adapt to new technologies and methodologies.
• Extensive knowledge of technologies such as Unix/Linux, Windows, Active Directory, Databases, Cloud, and DevOps.
• Experience with endpoint and network security technologies, including IDS, IPS, EDR, ATP, and malware defenses.
• Familiarity with SIEM and log management technologies.
• Comprehensive understanding of cyber threat TTPs, threat hunting methodologies, and the application of the MITRE ATT&CK framework.
• Experience with scripting languages.
• Proficient in threat modeling methodologies such as STRIDE and PASTA.
• Ability to communicate and collaborate effectively with both technical and non-technical team members across different locations in a fast-paced work environment.
• Competitive salary and performance-based bonuses.
• Comprehensive health, dental, and vision insurance.
• Opportunities for professional development and continuous learning.
• Flexible working hours and remote work options.
• Collaborative and inclusive work environment.