Senior / Cybersecurity Analyst
The candidate reports to the Head, Cybersecurity Incident Response Team and is responsible for Tier 1 and Tier 2 triage, investigation and incident response for cybersecurity incidents.
Roles and Responsibilities
- Performs additional analysis of escalations from Event Analysts and conducts case review
- Performs Incident Response (IR) Tier II duties as a part of cyber incident response team
- Supports internal investigations by conducting 2nd level triage and/or preliminary forensic analysis.
- Develops attack remediation strategies
- Ensures communication and escalation of security activities to leadership
- Develops incident handling processes, standard operating procedures, playbooks and runbooks
- Identifies and develops procedures and processes to automate repetitive manual tasks
- Maintains awareness of emerging threats, especially those targeting telecommunication companies.
- Analyses threat intelligence feeds and stays abreast of cybersecurity-related risks that may affect StarHub.
*We regret that only shortlisted candidates will be notified.
- Previous Security Operations Centre (SOC) experience is mandatory.
- Strong leadership and analytical skills
- Understanding of mainstream operating systems (Windows, Linux, etc.), network protocols, security infrastructure, etc.
- Hands-on experience with any Security Incident & Event Management (SIEM), User Entity Behaviour Analytics (UEBA) technologies and/or log management solution, and competent in performing log analysis, data correlation, etc.
- Possesses good communication skills, practises good documentation habits and is able to draft clear and concise reports.
- Good knowledge of Advanced Persistent Threat (APT) actors i.e. their Tools, Techniques, and Procedures (TTPs), TTP methods and frameworks
- Good knowledge of one or more of the following: Windows/AD file system, registry functions and memory artefacts; Unix/Linux file systems and memory artefacts; Mac file systems and memory artefacts; TCP/IP communications and knowledge of how common protocols and applications work at the network level, including DNS, HTTP and SMB, etc.
- Experience with one or more scripting languages (PowerShell, Python, Bash, etc.)
- Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly.
- Bachelor's degree in Computer Science or a related or similar field. Ideally, you have completed or are about to complete a security certification (e.g. Security+, GCIA, GCIH, CISSP)