Cyber Threat Detection and Response Engineer

Job Description:
**Life at Grab**
At Grab, every Grabber is guided by The Grab Way, which spells out our mission, how we believe we can achieve it, and our operating principles - the 4Hs: Heart, Hunger, Honour and Humility. These principles guide and help us make decisions as we work to create economic empowerment for the people of Southeast Asia.

**Get to know the Team**
You’ll be part of an exciting team that is responsible for the Grab Cyber Defence function. The Cyber Defence team is responsible for Cyber threat detection, incident response, forensic investigations, threat intelligence, threat hunting, purple teaming, red teaming.

**Get to know the Role**
As a Threat Detection and Response Engineer at Grab, you are a team player and responsible for monitoring, detecting, and responding to potential threats against Grab’s networks around the world.

Your other responsibilities include, working with Senior and Lead engineers to actively hunt through our IT environment for undetected suspect activity and contribute to building, maintaining and improving our technology stack. You will also participate in purple team engagements to ensure our detections are testeds.

You’ll use tried and true techniques, tools, and best practices and also invent new ones along the way. You’ll be surrounded by smart, driven people who all care about Grab’s mission and Cyber Security.

**The Day-to-Day Activities**:

- Review Cyber security alerts evaluate their severity and escalate as required.
- Review alert criteria for host and network intrusions and push them to production. Also produce decision criteria and playbooks for alerts, automating as much as possible.
- Mature existing detection rules, and create automated tests and automation workflows to improve the overall detection capability.
- Contribute to identifying gaps in the current logging and detection capability and suggest mechanisms to remediate these gaps.
- Contribute to threat hunting, purple team efforts searching for unknown malicious activity in our network using the latest threat intel and knowledge of Cyber security.
- Respond with the team when an incident occurs, you will be on the front lines of response for the entire company.
- Contribute to maintaining, building and improving our security technology stack.

**The Must-Haves**:

- Some experience working with SIEM.
- Some experience conducting triaging or conducting incident response in cloud environment and or corporate environments. Experience with multiple security tools/systems/logs (network, EDR, WAF, OS etc.)
- Knowledge of frameworks such as ATT&CK and kill-chain and strong communication skills.
- Ability to work on an on-call basis in a rotating roster as required.
- Working collaboratively with other team members.
- Strong, proven track record of delivering results in fast-paced, resource-scarce environments. Assume your favorite tool is not available but that you have the chance to learn a new one.
- Ability to handle stress effectively and maintain strong output during triage or incidents.
- Curiosity and a relentless drive to understand how complex IT environments work and how they can be abused.
- Some Cloud knowledge, CI/CD pipelines, Containerisation and bringing a Cyber Security mindset to the mix.
- Some scripting ability to automate tasks or process large amounts of unstructured data.
- Contribute to helping us pick the best solutions to nascent problems - vendors, processes, training, etc. You will use your expertise to shape the future of the team.
- Contribute to engaging the overall Grab team, working collaboratively to address Grab’s security challenges while understanding business needs.

**The Nice-to-Haves**:

- Relevant industry certifications
- Cyber Security: SANS GCIH, GMON, GCIA, GCFA, SIEM etc.;
- Cloud infrastructure: (AWS, Azure, GCP).
- Developing security rules in a SIEM platform, workflows in a SOAR platform and working knowledge of cloud platforms.

**Our Commitment**
We are committed to building diverse teams and creating an inclusive workplace that enables all Grabbers to perform at their best, regardless of nationality, ethnicity, religion, age, gender identity or sexual orientation and other attributes that make each Grabber unique.

**About Grab**
Grab is the leading superapp platform in Southeast Asia, providing everyday services that matter to consumers. Today, the Grab app has been downloaded onto millions of mobile devices, giving users access to over 9 million drivers, merchants, and agents. Grab offers a wide range of on-demand services in the region, including mobility, food, package and grocery delivery services, mobile payments, and financial services across 428 cities in eight countries.

**Join us today to drive Southeast Asia forward, together.