Security Analyst L3

Ensign is hiring !

Security Analyst L3

Responsibilities

Setup and operating Managed Endpoint and Detection Response (MDR) program and proposing enhancement to achieve better efficiency/ effectiveness

Operating Network Traffic Analytics (NTA) program, identification of abnormalities in client’s environment

Performs threat hunting within the clients’ technology environments to uncover indicators of threat activities

Performs digital forensic preservation, legal documentation and electronic discovery for incidents and investigations

Supports the development of tactics, techniques, and procedures in providing proactive threat hunting and analysis against the available information sources (e.g. Netflow, DNS and Firewall logs, etc.)

Supports the identification and documentation of Indicators of Compromise (IoCs)

Leverages internal and external resources to research threats, vulnerabilities and intelligence on various threat actors and exploitation tools and platforms

Use an analytics platform to identify threats in the available information repositories

Perform threat research to identify potential threat vectors and work with multi-disciplines to improve prevention and detection methods

Identify gaps in an organisation’s measurement metrics, telemetry and logging capabilities and propose enhancement strategies to achieve the intended outcomes

Work with client’s appointed Incident Response Management team for cyber security incidents such as data security breach, Advanced Persistent Threat (APT)

Requirements

Bachelor’s Degree in Computer Engineering, Computer Science, Cyber Security, Information Security or other equivalents

1 to 3 years of experience with threat hunting

1 to 3 years of experience in incident response handling

1 to 2 years of experience with digital forensics investigations

Experience in consulting, including both internal and client facing experiences

Ability to obtain a security clearance

Ability to travel 20% of the time

Preferred Skills /Qualities

1 to 3 years of experience supporting or providing expert witness testimonials

1 to 3 years of experience in data analysis

1 to 3 years of experience in log analysis

1 to 3 years of experience in reverse malware analysis

Experience with research, technical and business documentation and analysis

Knowledge of the Singapore Law, Singapore Government regulations and policies

Ability to demonstrate flexibility, initiative and innovation in dealing with ambiguous, fast-paced situations

Ability to show proficiency in one or more regional languages and dialects

Ability to show proficiency in Microsoft Office, Power BI and Tableau

Ability to show proficiency in Forensic Toolkits, e.g. EnCase Forensics, FTK Forensics, Magnet Forensics and Write Blockers

Ability to show proficiency in reverse malware engineering tools, e.g. IDA Pro

Ability to show proficiency in programming and scripting, e.g. Java, .NET Programming, Python & PERL scripting, etc

Possession of excellent presentation and briefing skills

Possession of excellent oral and written communication skills

Professional certifications, including EnCE, GCIH, GCFE, GCFA, GREM, GNFA, GASF, GCTI, CISSP, or other SANS certifications

JOBREQ-0003198