Job Description
Your background
- Strong hands-on experience in application security detection and response technologies and processes
- Understanding of common exploits, web application attacks, network protocols and infrastructure/application logs (e.g., web server logs, AD logs, security logs) for efficient intrusion analysis
- Advanced log analysis skills, leveraging tools such as Splunk or other SIEM solutions, to find targeted attacks and conduct threat-hunting exercises
- Comfortable with scripting languages and regular expressions
- Working knowledge of common operating systems (Windows/Linux/OS X)
- Experience in packet captures and analysis (e.g. Wireshark) is desirable
- Ability to independently work in a fast-paced environment and drive continuous improvement
- Relevant technical certifications (SANS, CISSP, etc.) desirable
- Excellent communication skills, able to adapt a message to various audiences
What you will do
- Analyze application layer alerts, conduct investigations, respond to disrupt the malicious actions of threat actors, and feed findings back to improve defensive capabilities
- Apply advanced investigative skills, using best-in-class data correlation and network/packet analysis tools, to investigate incidents
- Provide leadership in assessing new threat vectors and leverage new intelligence to update existing controls or design new ones
- Develop and implement custom alerts, dashboards and monitoring controls based on OSI layer 7 (application layer) attack and threat indicators
- Mentor and develop the skill sets of less experienced team members
- Develop and implement processes or controls in support of audit, compliance and risk requirements
- Partner with senior leaders of business organizations to triage security events and report on impact
- Execute and improve relevant risk management strategies
Company Reg. No.: 201131609D | Licence No.: 11C4684 | EA Reg No.: R 1440978