Network Access Monitoring

  • Sector: LMA Asia Technology
  • Contact: Jodie Lee
  • Client: LMA
  • Location: Singapore
  • Salary: S$10000 - S$15000 per month
  • Expiry Date: 05 June 2022
  • Job Ref: BBBH374003_1651813811
  • Contact Email: winnie.tan@lmarecruitment.asia

What you can expect

The Network Access Monitoring (NAM) team in CSD monitors and analyses network traffic, device compliance and system logs to detect, identify and investigate malicious activity, and to respond to a compromised device as necessary. As part of the NAM team, you would work in a collaborative and challenging environment, leveraging and honing your skills to defend one of the largest banks in the world using a range of technologies and well-established processes. NAM team members are expected to be subject matter experts on multiple technologies and able to apply the necessary skill sets to incident investigation, automation, and augmentation.

The team uses a follow-the-sun model to provide 24x7 coverage. As part of the APAC team, you would work mostly in Singapore business hours but can expect on-call/out-of-business-hours work as required.

What you will do

    • Investigate security alerts, conduct investigations to identify malicious activities and take appropriate action to mitigate any security risks
    • Engage and collaborate with analysts from other teams such as Application Monitoring and Response (AMR), Malware Prevention and Analysis, etc. if required to help with investigations
    • Report and escalate significant incidents and investigation findings as per the bank's established processes
    • Automate tasks to improve quality, effectiveness and speed of analysis and incident reporting
    • Research emerging security threats, identify IOCs and TTPs for continuous improvement of NAM's capabilities
    • Participate in security drills, table-top exercises, and other similar initiatives to meet regulatory and internal governance requirements
    • Contribute to updating/creation of runbooks and operational documentation
    • Provide subject matter expertise to other teams in GIS and support development of junior analysts.

Your background

    • Experienced security analyst with excellent technical investigative skills in uncovering malicious activities, threat hunting and taking appropriate remediation action to defend against cyber threats
    • Proficient in firewall log analysis, DNS log analysis, Netflow analysis, 802.1X Network Access Control log analysis
    • Knowledge of TCP/IP, common network protocols, packet formats and packet analysis
    • Ability to search relevant logs to support the investigation, use regex, and write queries. Experience with the Splunk logging solution is preferred.
    • Working knowledge of network security technologies, ACLs, application security and security vulnerabilities
    • Strong understanding of common security vulnerabilities, attack vectors/TTPs used by threat actors and corresponding IOCs
    • Experience in automation using Python or similar programming language
    • Ability to write investigation reports and communicate the findings to a diverse audience including senior management
    • Ability to work independently with minimal/no supervision in a fast-paced security operations environment
    • 10 years of experience in information technology, of which a minimum of 5 years should be as a Security Analyst

Company Reg No.: 201131609D | Licence No.: 11C4684 | EA Reg no: 1871156