Senior Cybersecurity engineer

Job Description: Cyber Incident Responder

We are seeking a consultant for Cybersecurity expert/SME in Detection Engineering & Security Investigation areas, part of Production SOC & Security Investigation & Incident Response team.

Key Responsibilities:

• Lead technical activities (security use case definition, design, implementation & enrichment) in the team of IT Production Security Investigation & Incident Response based on real-world attack scenarios and framework like MITRE ATT&CK, ensuring robust security detection posture across various layers.
• Understand ongoing security threats in the wild and propose security use case to detect and when possible, protect or mitigate.
• Lead technical activities (definition, R&D/threat hunting) in the team of IT Production Security Investigation & Incident Response and oversee the detection capabilities of the 24/7 regional IT Production SOC
• Respond to Cyber / IT security incidents and evaluates the type and severity of security events.
• Identify recurring security issues and risks and develops mitigation plans and recommends process improvements.
• Partner with global, regional and local stakeholders to ensure organizational and procedural efficiency and readiness for detection of suspicious events and reaction
• Continuously improve the processes to strengthen the current SOC framework via review of policies and operational playbooks

Required Skills & Qualification:

• Bachelor’s degree in information technology or equivalent
• Candidate MUST have 7 or more years of experience on overall cybersecurity incident response with 4 years specifically on security usecase design, development, coding.
• Experience in security usecase design/development with understanding of Java language.
• Good working knowledge of Linux (RedHat/Ubuntu).
• Experience in SIEM on ELK(Elastic Logstash Kibana) stack is a plus
• Professional credentials in one of the relevant IT Security disciplines is a plus (SANS / CISSP /OSCP)
• Experience in common scripting languages such as Python, PowerShell, Bash, SQL is a plus
• Working knowledge to interpret security logs or instructions into threat models. SecOPS-DevOPS mindset & skills.
• Experience and knowledge in investigating incidents, remediation, tracking and follow-up for incident closure with concerned teams, stakeholders.
• Thorough understanding of technologies and security concepts, with knowledge & hands on experience in SIEM Product and Security Incident Management
• Experience of performing security monitoring and incident response activities in an advanced Security Operation Centers (SOC) environment (log analysis, event analysis, incident investigation, reporting)
• Comfortable working with and making the most of large data sets (collection, analysis, response),creating content/use cases/models and bringing an automation mindset.

Interested candidates may apply through the application system or send it to dinud@morganmckinley.com. Shortlisted candidates will be notified.
By sending us your personal data and curriculum vitae (CV), you are deemed to consent to Morgan Mckinley Pte Ltd and its affiliates to collect, use and disclose your personal data for the purposes set out in the Privacy Policy available at https://www.morganmckinley.com/sg/privacy-policy. You acknowledge that you have read, understood, and agree with the Privacy Policy.

Morgan McKinley Pte Ltd
Dinu Dinesh

EA License No: 11C5502

EAP Registration No: R22110286