Cyber Defense Specialist
About the role
- Correlate threat data from various sources.
- Perform in-depth analysis and assessment of threats to critical infrastructure components.
- Provide recommendations for defining rules and malware signatures for enhanced detection and mitigation based on analysis.
- Analyse and research known indicators, correlate events, identify malicious activity and discover new sources to provide early warning on a variety of cyber threats.
- Deliver high-quality reports, briefings and assessments to senior-level executives, facilitating understanding of cyber threat entities and environments.
- Develop and maintain the process of evidence/data collection, and base the investigation process and rigour on the type of incident assessment.
- Investigate tasks for root cause analysis.
- Utilise internal and external tools to interpret reports and validate identified vulnerabilities and associated risks.
- Proactively research emerging cyber threats.
- Apply analytical understanding of attacker methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits.
- Participate in threat hunt operations using known adversary tactics, techniques and procedures, as well as indicators of attack, in order to detect advanced threats to the enterprise.
- Employ advanced forensic tools and techniques for attack reconstruction and intelligence gathering.
- Stay current with the incident response community to maintain and develop formal and informal sources of information, and incorporate industry best practices where applicable.
Requirements
- BS degree and 2-4 years of relevant experience in cybersecurity or network defence, or 1-3 years of relevant experience with relevant certifications (CISSP, SANS GIAC, CEH, etc.).
- A highly developed analytical mind, attention to detail and an aptitude for threat hunting and problem-solving are necessary attributes for this role.
- Solid understanding of and experience in detecting and responding to incidents.
- Demonstrated track record in detection, investigation and problem-solving.
- Strong experience supporting modern web applications, plus solid familiarity and experience with web application security.
- Excellent written and verbal communication skills.
- Understanding of behaviour-based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
- Experience analysing security breaches to understand the root cause and the extent of damage, and to identify options for remediation.
- Experience applying threat and data modelling, advanced data correlation and statistical analysis to develop alerts, notable events, investigative dashboards and metrics-driven reports.
- Strong comprehension of IR technologies, malware and emerging threats, as well as experience in a large corporate environment.
- Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing, network and system security, and the development of exploits.
- Working knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques.
- Strong technical understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.).
- Ability to write tools or scripts (e.g., Python, Perl, shell scripting) to automate analysis and enhance detection capability where required.
- Experience in malware analysis (static/behavioural), penetration testing and forensics.
- Knowledge of next-generation cyber defence tools.
- Prior experience using security analytics solutions and security log management platforms is a plus.
- Prior experience in a 24x7x365 operations environment.
Why you should join Cyble
Cyble is a cyber intelligence company that empowers organizations with darkweb & cybercrime monitoring and mitigation services.