Senior Cybersecurity Threat Hunting
Full Time Phnom Penh Posted 3 weeks ago
Technology
JOB RESPONSIBILITIES
- Conducting proactive threat hunting activities to identify potential threats, before they cause harm and searching for hidden threats before they happen.
- Gathering information on the behavior, goals, and techniques that the adversary is using.
- Analyzing collected data to determine trends in the security environment of the organization.
- Analyzing and interpreting data to determine the scope and severity of the threat.
- Making cybersecurity predictions based on findings and eliminating current vulnerabilities.
- Developing and implementing strategies to mitigate the risk.
- Collaborating with other cybersecurity professionals to develop and implement effective security measures.
- Monitoring network and system logs for suspicious activity.
- Analyzing security data to identify patterns and trends.
- Developing and implementing security measures to protect against cyber threats.
- Investigating security incidents and providing recommendations for improving security protocols.
- Staying up to date with the latest threats and vulnerabilities in the industry.
- Oversee the 24x7 Security Operation Center operations.
- Build, develop and plan the necessary competencies and skills of practicing members: Threat Hunting and CTI.
- Administer, develop, enhance, and own the Threat Hunting processes and procedures, ensuring effective operations.
- Implementing and maintaining the cyber security controls, incident response.
- Manage and control SOC tools and resources, design use case, turning rules and policies.
- Create, build, and maintain Threat Hunting reporting.
- Coordinate with stakeholders and other delivery practices to address, follow-up, and resolve security issues as part of escalation matrix and process in customer delivery.
- Work with relevant teams and stakeholders to develop and maintain security plans, procedures, and other documentation as required.
- Work with various teams and stakeholders to ensure toolsets used to detect infrastructure security events are deployed on all necessary platforms.
JOB REQUIREMENTS
- Graduated bachelor’s degree of Information Technology, preferably in the field of Computer Science.
- Completing or certified any security course like SOC Analyst, CTIA, eCTHP, GCTI, CEH and other security related course is advantaged.
- Additional knowledge/experience of cyber threat intelligence frameworks like STIX/TAXII, MITRE ATT&CK is preferable.
- 3 year working experience and at least 2 years' experience directly related practical experience and demonstrated ability to carry out Threat Hunting activities.
- Experiences implementing and maintaining cyber security controls, incident response.
- Experiences implementation of security tools.
- Experience and extensive knowledge of Security Information Event Management (SIEM), EDR, XDR
- Knowledge and experience in leading and managing cybersecurity / information security teams and technologies
- An exceptional understanding of threats and attack vectors and their mitigation.
- Solid understanding and experience working with and analyzing malware.
- Working knowledge and administration of Linux, Windows, and Mac environments.
- Experience or familiarity with SIEM solutions, intelligence and analysis tools, Threat Intelligence Platforms and OSINT aggregators.
- Knowledge of programming languages or scripting.
- Experience in vulnerability scanning, assessment,
- Experience in creating security incident reports, manage and maintain threat, vulnerability report.