About the Role
Looking for an experienced Cyber Defence Lead for our Healthcare domain. You are expected to design, build, and operate advanced proactive threat detection capabilities against sophisticated and stealthy cyber threats. As a part of the Cyber Defence Team, your primary responsibility will be to proactively detect cyber intrusion activities, as well as assist in isolating and mitigating active cyber threats. You will also need to collaborate with other cybersecurity operations teams performing functions such as security monitoring, digital forensics, incident response, threat intelligence, and threat hunting. You will report directly to the Head of Department.
Job Description
- Design, build, and operate advanced proactive threat detection capabilities against sophisticated and stealthy cyber threats.
- Monitor and analyse cyber intrusion activities, as well as assist in isolating and mitigating active cyber threats.
- Perform malware analysis in support of cyber investigations, perform root cause analysis, and contribute towards efforts to close a cybersecurity incident.
- Independently analyse potential malware samples using static and dynamic malware analysis tools/techniques to identify malware behavior and purpose, as well as extract indicators of compromise.
- Collaborate with threat intelligence analysts to perform further threat analysis and correlate malware samples found with possible threat actors.
- Collaborate with threat detection engineers to create detection models to identify and neutralise similar malware/threat activities in our environment, as well as update the knowledge base.
- Document investigation findings clearly and concisely.
- Develop/review threat detection and malware analysis SOPs/playbooks.
- Keep up-to-date with the latest threat actor Tactics, Techniques, and Procedures (TTPs).
- Maintain the malware analysis and reverse engineering lab environment.
- Track and analyse threat/malware-related cybersecurity metrics for optimal effectiveness, benchmarking, and management reporting.
- Responsible for any other ad hoc duties assigned.
Requirements
- Diploma/Bachelor's degree in Computer Science/Information Technology or a relevant field.
- At least 10 years of hands-on technical cybersecurity experience with demonstrable skillsets in threat hunting, malware analysis, threat intelligence, incident response, and/or other technical investigation roles.
- Familiar with the Cyber Kill Chain, MITRE ATT&CK Framework, NIST Cybersecurity Framework (CSF), and other cybersecurity frameworks.
- Familiar with the latest APT TTPs.
- Familiar with malware behaviors, such as different types of injection, registry persistence, etc.
- Able to overcome different types of obfuscation, encoding, and encryption.
- Able to reverse 64-bit malware, C++ binaries, and other types of malware.
- Able to intercept and analyse network traffic to derive additional insights and indicators of compromise from malware samples.
- Technical cybersecurity certifications (e.g. GCIA, GCFA, GNFA, GREM, OSCP) are a plus.
- A desire to thrive in a hard-working, fast-paced and collaborative team.
- Great communicator, negotiator, and team player.
- Good written and communication skills with the ability to interact and engage with stakeholders and all levels of management.
- Self-motivated and detail-oriented, with strong analytical and investigative skills.
- Able to remain calm under pressure.
About the Company
Our client offers the benefits of a work environment that is stable and cohesive. You will enjoy working with up-to-date technology and opportunities for growth, with an ATTRACTIVE BONUS.
Interest & Apply
Interested applicants, please send your current resume and expected salary to [email protected] for a confidential discussion.
EA Personnel Name: Janice Meidalina Salim
EA Personnel Registration No.: R23118765
EA License No.: 11C5502