threat investigation specialist
5 days ago
The Main Responsibilities
Threat Hunting and Analysis
Conduct proactive threat hunting activities across various environments (endpoints, networks, cloud).
Develop and maintain threat hunting hypotheses based on current threat intelligence and organizational risk assessments.
Apply structured threat hunting methodologies leveraging frameworks such as MITRE ATT&CK, PEAK, TAHITI, THMM and Diamond Model to guide hypothesis creation, evidence collection and iterative improvements.
Deep technical knowledge of adversary tactics, malware analysis, intrusion detection and cloud security.
Tooling and Automation
Familiar with EDR/XDR solutions, SIEM platform, data pipeline and threat hunting tooling to detect and disrupt adversary tactics.
Develop custom scripts and tools to automate threat hunting processes and improve efficiency.
Leverage various threat hunting techniques, including but not limited to, YARA rules, IOC analysis, and behavioral based analysis.
Incident Investigation
Analyze security logs, network traffic, and endpoint data to identify malicious activity and potential threats.
Investigate security incidents and provide detailed reports on findings, including root cause analysis and remediation recommendations.
Collaborate with other security teams (incident response, vulnerability management, etc.) to share threat intelligence and coordinate security efforts.
Cyber Threat Intelligence (CTI)
Develop and manage Cyber Threat Intelligence while staying up to date on the latest threat landscape, attack techniques, and emerging technologies.
Map advisory behaviors to ATT&CK techniques and translate findings into actionable intelligence.
Share actionable intelligence with internal teams and external stakeholders.
Present findings and recommendations to technical and executive audiences.
Continuous Improvement
Contributes to the development and improvement of threat hunting strategies, processes and playbooks aligning with PEAK and TAHITI cycles for structural threat hunting.
Develop and maintain a strong understanding of the organization's infrastructure and applications to strengthen awareness of evolving threats and adversary behavior.
Drive maturing of the overall security operations service.
Qualifications & Skills:
Required
Bachelor's degree in Computer Science, Cybersecurity, or a related field.
At least 3+ years of experience in cybersecurity, with a minimum of 1-2 years focused on threat hunting.
Strong understanding of various operating systems (Windows, Linux, macOS).
Experience with various security tools and technologies (SIEM, EDR, network monitoring tools).
Proficiency in scripting (Python, PowerShell).
Strong analytical and problem-solving skills.
Excellent communication and presentation skills to translate technical findings into business impact.
Preferred
Experience with threat intelligence platforms, feeds and CTI frameworks.
Relevant security certifications (e.g., SANS GIAC, GNFA, GCFA, Offensive Security, etc)
Experience with cloud platforms (AWS, Azure, GCP) and container security is a plus.
EA License # 14C6941
-
Senior Manager
1 week ago
Singapore Cisco Systems Full timeReports to the Sr Director Corporate Security and is responsible for managing the global program dedicated to proactively and reactively investigating threats made to Cisco employees, property and events across the globe, as well as other significant Corporate Security priorities. The incumbent will be responsible for the development and implementation of...
-
Endpoint Security
1 week ago
Singapore Crypto.com Full timeWe are looking for an intermediate level security specialist to join our Global Cyber Fusion Center. The role will support our continuous threat monitoring, hunting & response capabilities; and be a key contributor to key endpoint security projects & initiatives. **Responsibilities**: - Threat Monitoring Investigations - deep dive into Tier 1 & Tier 2...
-
Singapore Amazon Full timeDESCRIPTION Key job responsibilities - Analyze data sets and third-party intel to uncover fraud patterns. - Investigate fraud forums, and fraud-as-a-service marketplaces. - Write and execute SQL queries to identify abuse signals and telemetry trends. - Collaborate across Risk, Cybersecurity, and Abuse teams to mitigate fraud. - Conduct link analysis to...
-
Threat Hunting Specialist
2 weeks ago
Singapore IMDA Full timeThreat Hunting Specialist (Advanced Cybersecurity)Join to apply for the Threat Hunting Specialist (Advanced Cybersecurity)role at IMDA Threat Hunting Specialist (Advanced Cybersecurity)Join to apply for the Threat Hunting Specialist (Advanced Cybersecurity)role at IMDA Get AI-powered advice on this job and more exclusive features. Design and deliver Cyber...
-
Cyber Threat Investigator
2 weeks ago
Singapore Centre for Strategic Infocomm Technologies Full timeJob Scope Detect anomalous behaviours via IOCs Assess potential malicious nature Build and expand threat profile Describe adversary’s tactics Respond to threats identified where needed Requirements Degree in Infocomm Security, Computer Science, Computer/Electrical Engineering, Information Technology Strong interest in cyber security, particularly in...
-
Threat Monitoring Specialist
1 week ago
Singapore Emergent Risk International Full timeEmergent Risk International (ERI) is seeking to hire a **Threat Monitoring Specialist** in Singapore to join an existing global threat monitoring and analysis team embedded with one of our clients, a major technology company. The Threat Monitoring Specialist will preferably have experience working in threat monitoring for a public or private sector entity,...
-
Singapore Amazon Asia-Pacific Holdings Private Limited Full timeFluent in Mandarin, reading, writing and speaking - 4+ years in fraud investigation, threat intel, or trust & safety roles. - SQL proficiency to extract and analyze structured data. - Knowledge of online fraud schemes and behavioral abuse. - OSINT skills and experience with tools like traditional threat intelligence vendors and tools. - Strong communication...
-
Regional Threat Intelligence Specialist
1 week ago
Singapore Control Risks Full timeThe Regional Threat Intelligence Specialist will work within the Global Security Intelligence function, supporting the collection, analysis, and dissemination of threat intelligence to stakeholders across the organization. This position will focus on a specific region, providing in-depth analysis and assessments of regional threats and trends, as well as...
-
Cyber Threat Investigator
2 days ago
Singapore Ministry of Defence Singapore Full time $90,000 - $120,000 per yearCentre for Strategic Infocomm TechnologiesPermanentWhat you will be working on• Detect anomalous behaviors via IOCs.• Assess potential malicious nature.• Build and expand threat profile.• Describe adversary's tactics.• Respond to threats identified where needed.What we are looking for• Degree in Infocomm Security, Computer Science,...
-
Threat Hunter
16 hours ago
Singapore ENSIGN INFOSECURITY (CYBERSECURITY) PTE. LTD. Full time**Duties and Responsibilities** - Performs threat hunting within the clients’ technology environments to uncover indicators of threat activities. - Performs digital forensic preservation, legal documentation and electronic discovery for incidents and investigations. - Supports the development of tactics, techniques, and procedures in providing proactive...