Threat Hunter
Singapore
Duties and Responsibilities
· Performs threat hunting within the clients’ technology environments to uncover indicators of threat activities.
· Performs digital forensic preservation, legal documentation and electronic discovery for incidents and investigations.
· Supports the development of tactics, techniques, and procedures in providing proactive threat hunting and analysis against the available information sources (e.g. Netflow, DNS and Firewall logs, etc.).
· Supports the identification and documentation of Indicators of Compromise (IoCs).
· Leverages internal and external resources to research threats, vulnerabilities and intelligence on various threat actors and exploitation tools and platforms.
· Use an analytics platform to identify threats in the available information repositories.
· Perform threat research to identify potential threat vectors and work with multi-disciplines to improve prevention and detection methods.
· Identify gaps in an organisation’s measurement metrics, telemetry and logging capabilities and propose enhancement strategies to achieve the intended outcomes.
Requirements
Basic Requirements
· 1 to 3 years of experience with threat hunting
· 1 to 3 years of experience in incident response handling
· 1 to 2 years of experience with digital forensics investigations
· Experience in consulting, including both internal and client facing experiences
· Ability to obtain a security clearance
· Bachelor Degree in Computer Engineering, Computer Science, Cyber Security, Information Security or other equivalents
· Ability to travel 20% of the time
Preferred Skills /Qualities
· 1 to 3 years of experience supporting or providing expert witness testimonials
· 1 to 3 years of experience in data analysis
· 1 to 3 years of experience in log analysis
· 1 to 3 years of experience in reverse malware analysis
· Experience with research, technical and business documentation and analysis.
· Knowledge of the Singapore Law, Singapore Government regulations and policies.
· Ability to demonstrate flexibility, initiative and innovation in dealing with ambiguous, fast-paced situations.
· Ability to show proficiency in one or more regional languages and dialects.
· Ability to show proficiency in Microsoft Office, Power BI and Tableau.
· Ability to show proficiency in Forensic Toolkits, e.g. EnCase Forensics, FTK Forensics, Magnet Forensics and Write Blockers.
· Ability to show proficiency in reverse malware engineering tools, e.g. IDA Pro
· Ability to show proficiency in programming and scripting, e.g. Java, .NET Programming, Python & PERL scripting, etc.
· Possession of excellent presentation and briefing skills.
· Possession of excellent oral and written communication skills.
· Professional certifications, including EnCE, GCIH, GCFE, GCFA, GREM, GNFA, GASF, GCTI, CISSP, or other SANS certifications.
Interested candidates may send their CV to Chin (Reg No: R21100141 ) at anc2@anchorsearchgroup.com quoting the job title in the Subject line. We regret that only shortlisted candidates will be notified.