- Analyzing and verifying information through various investigative techniques, internal resources, forensics, and insider threat tools such as Data Loss Prevention, Endpoint Detection and Response, Network Traffic Analysis and Deceptive Technology to detect malicious lateral movement and privilege escalation in on-prem and cloud environments.
- Experience using analytical and data visualization tools to automate analysis, provide insights into large datasets and correlate them with Splunk SIEM, and conducting investigative work into all traffic anomalies against established, historical baselines to identify the root cause of an incident, reported suspicious events or red teaming activities.
Requirements:
- Minimum of three (3) years' experience in Information Security as an insider threat analyst, security engineer, or a similar role, preferably with insider threat management.
- Hands-on experience with investigative and/or insider threat tools, such as UEBA, DLP, EDR, Computer Forensics, Monitoring, Splunk SIEM, Incident Response, Databases, or data visualization tools in on-prem and cloud environments.
- Experience in cyber security: MITRE ATT&CK Framework, Cyber Kill Chain, TTPs, threat intelligence, malware triage. Understanding of different attacks on systems, networks and applications.
- Certifications such as Splunk SIEM certification, CERT, CFE, CFCE, CISSP, GCIH, SANS, GIAC.
Kindly indicate "105 – Threat Analyst" in the subject line.
Interested applicants may send in their detailed resumes in MS Word format, with the subject title: 105 – Threat Analyst
(Reg. Nos. R1104128)
IT Consultancy & Services Pte Ltd
EA License No.: 92C5311
For more information about ITC, please visit us @ www.itcspl.com