Cyber Threat Intelligence Engineer

The role of the candidate is to be a part of GIS Cybersecurity team to function as a Senior Manager in the Cyber Threat Intelligence Team.

The role requires to proactively investigate security events to identify artifacts of a cyber-attack detect advanced threats that evade traditional security solutions, threat actor-based investigations, creating new detection methodology, support incident investigations and monitoring functions. Threat hunting includes using both manual and machine-assisted capabilities, that aims to find the Tactics, Techniques and Procedures (TTPs) of advanced adversaries.

The candidate must have a curious investigative mindset, experienced in information security, and the ability to communicate complex ideas to varied stakeholders.

Roles and Responsibilities:

• Develop, document, and maintain cyber threat hunting framework
• Hunt and identify for threat actor groups, techniques, tools and procedures (TTPs)
• Perform threat hunting through analysis of anomalous log data to detect and mitigate cyber threat activities
• Actively develop threat hunting hypothesis, translating hunt activities into an iterative process, and automating the process of hunting for cyber threats.
• Review alerts generated by security monitoring tools and provide recommendation to enhance alerts for more efficient monitoring.
• Provide forensic analysis of network packet captures, DNS, proxies, malware, host-based security, and application logs, as well as logs from various data sources
• Provide expert investigative support during large scale and complex security incidents
• Analysis of security incidents to enhance security monitoring and alert catalogue
• Investigate and validate suspicious events by using open-source and proprietary intelligence sources.
• Document and communicate findings to an array of audiences which includes both technical and executive teams.
• Continuously improving processes and use cases on security monitoring tools
• Keep up to date with information security news, adversary techniques and threat landscape
• Support day-to-day operations, ensuring efficient delivery of Cyber Threat Intel services.
• Candidate may be asked to be involved in additional supporting role for strategical work and security related projects.

Minimum Job Requirements:

• Must have a minimum 6-8 years of experience in a technical security role in one of the following areas: Cyber Threat Intelligence, Cyber Threat Hunting, Cyber Incident Response, Malware Analysis, Purple Teaming
• Acquired relevant certifications: GCTI, CCIP, CIA
• Experience with researching and incorporating Cyber Threat Intelligence findings into threat hunting workflow
• Knowledge and experience working with MITRE ATTACK framework, Cyber Kill Chain Model or Diamond Model
• Proficiency in using threat intelligence platforms and OSINT tools.
• Knowledge of malware and threat actor's behavior, and how common protocol and applications work at network level.
• Experience with incident response process, including detecting advanced adversaries, log analysis and malware triage
• Good understanding in network protocols and system vulnerabilities.
• Knowledge and experience in developing detection signatures (YARA, SNORT)
• Highly capable in producing Threat Advisories and Intelligence Reports for Senior Management in a timely manner.

JOIN US NOW Be part of the Industry's certified GREAT PLACE TO WORK for and enjoy these comprehensive benefit package upon hire and upon regularization;

HMO with free 4 dependents (upon hire for Principal and upon regularization for the eligible dependents)

15 days VL and 15 days SL (Pro-rated for mid-year hire)

Guaranteed 14th-month pay

Annual Targeted Incentive (Performance Bonus)

Group Life Insurance

Protection benefits and a lot more w/c will be discussed during the job offer stage

#AIAPhilippines#AIADigital+PH

#AIAITPH #EmpowerYourCareer

#HealthierLongerBetterLives#EqualOpportunities