Proactively 'hunt' for potential malicious activity and incidents across the environment using advanced threat network and host-based tools adopting Mitre Attack Framework. • Perform hunting for malicious activity across the network, endpoint, and Critical Assets. • Create hunting hypothesis and perform IOCs & TTPs based threat hunting and share reports with the management weekly on the findings, misconfiguration, use case development and provide suggestions for counter measurement. • Expertise in hunting, managing, and writing detections using logs from Endpoint Detect and Response solutions like Carbon Black EDR, CrowdStrike EDR & Cortex XDR etc. • Research on different TTP's for ATP Threat groups which are used by attackers during the sophisticated Cyber-attacks. • Collaborates with technical and threat intelligence team to provide indications and warnings and contributes to predictive analysis of malicious activity. • Perform cyber security threat hunting & detection activities with specific focus on countermeasure Tactics, Techniques and Procedures (TTPs) • Contribute to the tuning and development of security information and event monitoring systems (SIEM) use cases and other security control configurations to enhance threat detection capabilities. • Familiarity with threat modelling, development of attack plans, performing manual & automated Ethical Hacking, & develop proof of concept exploits. • Evaluates new security technologies and products and performs engineer-level work and analysis to determine if solutions should be pursued. Additional Details: • It’s a client serving role – there will be KPIs and SLAs expected on role service tasks. • Location is at client’s premises – Synapxe ASOC’s current location is at Serangoon but they will be moving to One North sometime in Q3 , Q4 2024. • ASOC operates on a 24x7 basis, though contract states 7am to 530pm for working hours, TH and IR folks are expected to support after business hours in the event of an incident.
x
