Cyber Security Engineer

• Information Security related Certification (CISSP / CISM / GCIA , an Appropriate professional accreditation GCIH / Ethical Hacking (CEH), Offensive Security Certified Professional (OSCP) is preferred, GPEN, advantageous.
• Experience in developing threat models, risk profiles, cyber-security risk and incident management, and a solid understanding of crime in the financial sector.
• Solid understanding and familiarity of the MITRE ATT&CK Framework.
• 5 to 8 years Experience performing threat hunting and leading threat hunting programs. Should also have experience in performing red team exercises.
• Must have 5 - 8 years experience and be very proficient with the common tools associated with cyber security operations centres e.g. proxy technologies, log management, correlation solutions, SIEM, SOAR and common security testing tools with solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals.
• Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity and the cyber-attack kill chain, organized crime/fraud groups and both state and non-state sponsored threat actors.
• Threat intelligence, research, develop and perform hunting activities to proactively detect threat actors and their techniques, tools and processes.
• Recognize possible successful / unsuccessful intrusion attempts to compromise the network through analysis and hunting activities.
• Ability to perform dynamic malware analysis and extracting IOC (Indicator of compromise) information. React to any CSOC alerting (EDR, Qradar) and review for validity or false positives and modify alerts as needed.
• Demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity and the cyber-attack kill chain, organized crime/fraud groups and both state and non-state sponsored threat actors.

Responsibilities:

• The Cyber Threat Hunter will proactively detect threats that evade traditional security controls.
• Research, develop, perform, and analyse the results of proactive and reactive host and network-based investigations to determine if malicious activity exists within the environment.
• Building customized threat hunts specifically tailored, including, malware research, to develop detections based off numerous inputs. In addition, the role will provide expert support to the cyber security incident response team and this role has a group wide mandate.
• Interface with industry peers to acquire and share Cyber Hunt best-practices in the sector.