Take ownership of detection logic creation and maintain a data source regarding information security indicators, correlations, and previously detected logic to support information security teams and the overall IT department.
A well-established entity in the region looking to improve their information security function.
Lead the analysis of internal and external cybersecurity threat information from Intrusion Detection systems, logs, or intelligence reports to identify and address threat actor groups and Indicators of Compromise.Tailor detection logic within the business threat landscape to develop use cases (threat rules or signatures) based on industry intelligence.Provide expert advice on SIEM configuration and ensure its effective deployment in terms of monitoring and alerting rules.Leverage data sources (internal or external) to monitor the effectiveness of the existing detection logic and make improvements as necessary, maintaining a data source catalogue for intelligence regarding indicators or potential correlations.
7-9 years’ experience in threat hunting, common attack vectors, and IOC datasets within large financial institutions.Hands-on experience with SIEM configuration and logic development.Solid understanding of techniques for network exploitation, web application attacks , or other related protocols.Security+, CEH, GCIA, GCIH, or CISSP
Scope to drive information security threat hunting initiatives in collaboration with business and IT departments.Opportunity to further develop cyber defence operations.