As a Systems Specialist, will be providing support in the following areas:
a) Develop and implement a threat hunting framework to provide a comprehensive structure for planning, executing, and managing threat hunting initiatives.
b) Develop and refine threat hunting methodologies and procedures to enhance the organization's ability to detect and respond to advanced threats.
c) Continuously enhance threat hunting techniques, processes, and tools to improve the organization's overall cybersecurity posture.
d) Stay updated with the latest vulnerabilities, security trends, and techniques in cyber threats and hacking methodologies.
e) Conduct research on emerging threats and vulnerabilities and provide recommendations for enhancing the organization's security posture.
f) Conduct proactive threat hunting exercises to identify and investigate potential security incidents and suspicious activities within the network.
g) Document all findings, analysis, recommendations and investigation results in a clear and concise manner and generate reports for management and stakeholders.
h) Develop and tune security monitoring rules, correlation logic, and detection signatures.
i) Be proficient in utilizing various security technologies, including SIEM (Security Information and Event Management) tools, network traffic analysis tools, endpoint detection and response (EDR) systems, vulnerability management system and threat intelligence platforms.
j) Work closely with other cybersecurity teams, such as for incident response, security operations, and threat intelligence, to share findings and collaborate on incident investigations.
k) Develop and implement a cyber intelligence framework to provide a systematic and organized framework for collecting, processing, and leveraging intelligence to enhance HDB's cybersecurity posture and decision-making capabilities.
l) Integrate the cyber intelligence framework with the HDB's Security Operations Center (SOC) and incident response team and ensure that the intelligence gathered is effectively used to detect, prevent, and respond to cyber threats.
m) Continuously monitor and collect information from multiple sources, including threat intelligence feeds, security vendors, dark web forums, social media, and other online platforms, to identify emerging cyber threats and attack trends.
n) Analyze the collected threat intelligence data to identify patterns, trends, and potential cybersecurity risks.
o) Prioritize and triage threats based on their relevance and potential impact to HDB.
p) Conduct in-depth analysis of threat actors, their motivations, capabilities, and tactics, and provide insights on potential risks and impacts to the organization's systems, networks, and data.
q) Produce regular and ad-hoc reports, briefings, and alerts on emerging threats, trends, and risk assessments to relevant stakeholders, including senior management, incident response teams, and other cybersecurity teams. The report shall also provide technical information in a clear and actionable format for various stakeholders.
r) Provide timely and accurate intelligence support during security incidents, assisting incident response teams in understanding the nature and scope of the threat, and providing guidance on containment, remediation and recovery strategies.
s) Support vulnerability management efforts by analyzing threat intelligence data to identify vulnerabilities, exploit trends, and potential targets, and prioritize patching and mitigation activities.
t) Collaborate with threat hunters and other cybersecurity teams to develop and refine threat hunting strategies based on threat intelligence insights and analysis.
Qualifications
a) Possess fundamental application security knowledge like interpretation of HTTP response status codes and WAF violations.
b) Display understanding of network security best practices.
c) Display understanding of techniques in cyber threats and hacking methodologies.
d) Strong problem-solving skills and ability to work under pressure. Willingness to learn.
e) Fundamental skills on Microsoft Office products like Word and Excel.
f) Additional certifications like CCNA, CCNP, CISSP or related certifications are a plus.
g) Must be able to work beyond business hours including weekend when necessary
