Principal Security Analyst, Analysis & Response
My client is seeking a highly motivated, self-driven Principal Security Analyst, Analysis & Response to join the Global Security Incident Response Team (GSIRT) Security Operations Center (SOC), responsible for security event analysis, digital forensic analysis, incident response, and related activities. This position will report to the Senior Manager, Analysis and Response. This role will be based in Singapore.

Responsibilities:

• Operate independently in a geographically dispersed team, while maintaining situational awareness and keeping the team up to date
• Perform security monitoring and incident response activities across the company's group global networks, leveraging a variety of tools and techniques
• Detect incidents through proactive "hunting" across security-relevant data sets
• Thoroughly document incident response analysis activities
• Review investigations conducted by more junior analysts to ensure quality standards are met
• Develop new, repeatable methods for finding malicious activity across the company's group global networks
• Provide recommendations to enhance detection and protection capabilities
• Regularly present technical topics to technical and non-technical audiences
• Write high-quality incident reports for executives
• Develop and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of information security incidents
• Prioritize multiple high-priority tasks and formulate responses/recommendations to customers and team members in a fast-paced environment
• Provide assistance to other security teams
• Continually develop new technical skills and push overall team capabilities forward
• Engage with and mentor other team members
• Work with other teams on major engineering and architecture initiatives related to company's enterprise security
• Perform other duties, as assigned

Requirements:

• Bachelors in Information Technology, Engineering, Cybersecurity or related field
• Minimum of 7 years of experience in Information Technology with at least 3 years of experience in Information Security
• Experience working remotely full time or experience working on a geographically dispersed team
• Hands-on experience in a Security Operations Center environment conducting network, host, or threat analysis
• Experience analyzing raw log files, particularly logs from network or host based security tools
• Experience analyzing packet captures
• Deep understanding of network defense principles, common attack vectors, and attacker techniques
• Advanced technical skills and the ability to develop a mastery of network and host security technologies
• Comfort with using the Linux command line
• Experience with at least two programming or scripting
• Experience with the following technologies or concepts:
  • SIEM or other security/log management platforms
  • Email analysis
  • Regular expressions
  • IDS/IPS
  • Firewalls
  • Virtualization
  • Common TCP and UDP protocols
• Hands-on experience performing the following types of analyses:
  • Memory forensics
  • File system forensics (exFAT, NTFS, HFS, HFS+, EXT2/3/4, RAID)
  • Network forensics, including protocol and traffic analysis
  • Cloud forensics, including multi-tenant distributed environments (AWS, IBM, etc.)
  • Malware analysis
  • Registry analysis
  • Internet history analysis
  • Metadata extraction and analysis

Dignadice Catherine Lagman @ Lagman Catherine De Leon EA License No.: 02C3423 Personnel Registration No.:R21103001

Please note that your response to this advertisement and communications with us pursuant to this advertisement will constitute informed consent to the collection, use and/or disclosure of personal data by ManpowerGroup Singapore for the purpose of carrying out its business, in compliance with the relevant provisions of the Personal Data Protection Act 2012. To learn more about ManpowerGroup's Global Privacy Policy, please visit https://www.experis.com.sg/privacy-notice