ACG2469JOB
Our client is a leading technology company that is looking for a qualified candidate to join its firm.
Plan the structure of rules and rule data, and develop detection rules.
Fine-tune and optimize rules, research integration capabilities, and log parsers.
Configure and manage rule settings on customer systems.
Attack Techniques Research
Participate in researching and simulating attack techniques to identify potential detection methods or optimize existing ones, and add them to the hunting checklist/detection rules.
Create and develop SOC content
Build SOC-related content (dashboards, playbooks, etc.).
Customer Advisory and Support
Research and analyze customer infrastructure to develop and customize appropriate use cases/rules for each customer.
Reporting tasks:
Report the results of work and upcoming plans to the Company's Manager.
Communicate, summarize, and present results to customers when necessary.
Bachelor's degree in Information Security or Information Technology.
At least 2 years of experience in a similar role.
Candidates with international security certifications related to attack, investigation, or incident handling from organizations such as Offensive Security or SANS are preferred.
Basic knowledge of common network services/protocols (SMB, FTP, HTTP, HTTPS, etc.), including the security risks associated with these protocols.
In-depth understanding of Windows/Linux operating systems (processes, autoruns, task scheduler/crontab, services, etc.) and specific systems such as AD servers and web servers (IIS, Apache, Tomcat, etc.).
Strong understanding of tactics and techniques in the MITRE ATT&CK Framework.
Ability to identify abnormal indicators for each tactic, including techniques under tactics such as Persistence, Privilege Escalation, Lateral Movement, Credential Access, Discovery, and Exfiltration.
Knowledge of unusual behaviors for users or abnormal network connections (UEBA).
Basic knowledge of security solutions and their features to develop appropriate use cases or rules.
Skilled in analyzing, developing, and fine-tuning log parsers in SIEM systems, and in using regex for parser development.
Proficiency in one or more programming languages (PowerShell, Bash script, Python, etc.) for analysis purposes is an advantage.
Threat modeling skills: identifying potential abnormal behaviors, mapping detections to threats/abnormal behaviors based on log source types, and writing detections for new log source types.
Contact: Nhat Anh Nguyen and Oanh Phung.
Due to the immense number of applications, only shortlisted candidates will be contacted.
Full Time