Cyber Threat Hunter (Government Agencies)

GovTech (Posted 22 Jan 22)

About the job

The Government Technology Agency (GovTech) aims to transform the delivery of Government digital services by taking an "outside-in" view, putting citizens and businesses at the heart of everything we do. We also develop the Smart Nation infrastructure and applications, and facilitate collaboration with citizens and businesses to co-develop technologies. Join us as we support Singapore’s vision of building a Smart Nation - a nation of possibilities empowered through info-communications technology and related engineering. You will play a key role in the Government Cyber Defence (GCD) of Cyber Security Group (CSG) as Digital Forensic and Incident Response (DFIR) Analyst to manage and investigate cybersecurity incidents. Successful candidate who is proficient in either network/host-based intrusion analysis, digital forensics or cyber threat intelligence, and develop custom analytics to proactively defend against cyber-attacks. As a Cyber Threat Hunter, you are responsible for the technical success at our deployments at government agencies and work directly with users in the deployed agencies to detect and eradicate against advanced threats. What you will be working on:

1. Provide proactive hunting and analysis at deployed locations against the dataset (e.g. Netflow, DNS and Firewall logs etc)

2. Leverage internal and external resources to research threats, vulnerabilities and intelligence on various attackers and attack infrastructure

3. Use Big Data Analytics platform to identify threats in various dataset

4. Perform advanced threat research to proactively identify potential threat vectors and work with central team to improve prevention and detection methods

5. Identify gaps in logging capabilities and propose enhancement strategies with users and engineers

What we are looking for:

1. Bachelor’s Degree in Computer Science/Information Security or equivalent

2. Professional certifications, including EnCE, GCFA, GREM, GNFA, GCTI, CISSP or other relevant certifications

3. Preferably 3 years or more of experience as a full-time incident responder/digital forensic/malware analysis or related discipline

4. Experience with digital forensics, focusing on Windows and Linux systems from a malware perspective, and Operating System (OS) exploitation methodologies

5. Experience in log analysis using Splunk, ELK, or similar tools, and malware triage

6. Strong understanding of cyber threat analysis models such as kill chain, diamond model, and MITRE

7. Strong knowledge of malware families and network attack vectors

8. Knowledge of creating YARA or Snort signatures is a plus

9. Experience with a common scripting or programming language, including Perl, Python, Bash or Powershell

10. Knowledge of web applications and APIs

Other Requirements:

1. Demonstrate a high degree of integrity, initiative, energy and endurance

2. Highly developed research and analytical skills

3. Critical thinking and contextual analysis abilities

4. Knowledge in one or more scripting languages (e.g. Python, Perl) an advantage

5. Possess good communication and interpersonal skills

6. Fresh Graduates can also be considered

Source: https://www.nodeflair.com/jobs/govtech-cyber-threat-hunter-government-agencies-38447