Senior Security Engineer, Cyber Defense (Threat Detection)
Senior Security Engineer, Cyber Defense (Threat Detection)
You’ll be part of an exciting team responsible for the Grab Cyber Defence with the core mission of defending Grab and Grabbers from external and internal threat actors. We do this by detecting, hunting, and responding to those threat actors. Cyber Defence continuously prepares by emulating threat actors to test and practice our defenses. Based on our work and data we collect, we provide insights to our key stakeholders on current and future threats to Grab.
Get to Know the Role
You should have 3-5 or more years in a Security Operations Centre where you have strong security operations analytical skills and understand alerts generated by Cyber Security tools and mentored and assisted junior team members. Alternatively, you may have very strong Cyber Security domain knowledge in Pen-testing, Red-team, Digital Forensics, Cyber Threat Intelligence, or similar experience and looking for a slight shift.
As a Grab Senior Threat Detection Engineer, your core responsibilities are triaging and finding ways to reduce the mean time to detection and containment of a threat before it becomes a larger threat to Grab. You would be helping the junior and team leads understand and triage alerts as well. You are confident in reaching out to Grabbers directly at all seniority levels and cultures, to determine if an action was a threat to Grab.
You would have improved Security Operations in your previous roles by reducing false positives and creating new alert criteria. You may have done some automation already (SOAR, scripting or engineering) or have good ideas on how to operate in a large-scale and complex environment. You have helped out or maybe lead incidents and can work independently given a task. Malware and analysis of obfuscated scripts may have been something you are highly proficient at.
You want to participate in threat hunting and purple team engagements to improve Cyber Defence core mission.
The Day-to-Day Activities:
- Review Cyber Security alerts evaluate their severity and escalate as required.
- Review alert criteria for host and network intrusions and push them to production. Also produce decision criteria and playbooks for alerts, automating as much as possible.
- Mature existing detection rules, and create automated tests and automation workflows to improve the overall detection capability.
- Contribute to identifying gaps in the current logging and detection capability and suggest mechanisms to remediate these gaps.
- Contribute to threat hunting, purple team efforts searching for unknown malicious activity in our network using the latest threat intel and knowledge of Cyber security.
- Respond with the team when an incident occurs, you will be on the front lines of response for the entire company.
- Contribute to engaging the overall Grab team, working collaboratively to address Grab’s security challenges while understanding business needs.
Our Commitment
We recognize that with these individual attributes come different workplace challenges, and we will work with Grabbers to address them in our journey towards creating inclusion at Grab for all Grabbers.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
