Threat Hunter (SOC Tier 3)

Bangkok, TH

Applications have closed

True Digital Group

Enabling Digital Transformation. As a subsidiary of True Corporation, a leading communications conglomerate in Thailand, True Digital Group's (TDG) ambition is to transform Thailand and the region for the digital revolution, uncover new...


Our team's mandate is to provide world-class cyber security service as the leading cyber security service provider in Thailand and the ASEAN market. You will be joining TDG's Cyber Security team to protect our clients from cybercrime and to support multifaceted countermeasures against cyber attacks through threat intelligence and remediation automation.

The Threat Hunter is responsible for participating in threat-actor-based investigations, creating new detection methodology and providing expert support to the incident response and monitoring functions. The focus of the Threat Hunter is to detect, disrupt and eradicate threat actors from True Digital's networks. The Threat Hunter has experience in using various data analysis techniques, threat intelligence and cutting-edge security technologies.

Threat Hunter positions are filled by senior staff and are typically staffed Monday through Friday during the daytime shift in the local time zone; the Threat Hunter may be on call for after-hours support.

Key Responsibilities

  • Leads the investigation of security incidents escalated by Level 1 and 2 MDR Centre analysts.
  • Conducts security research on the latest cyber threats and vulnerabilities related to True Digital MDR Centre constituency.
  • Conducts proactive threat hunting using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors in True Digital’s network.
  • Forensically analyses artefacts in search of indicators of compromise.
  • Mentors Level 1 and 2 MDR Centre analysts.
  • Conducts regular security training and knowledge workshops.
  • Participates in local and regional security conferences, representing the Security Department.
  • Researches new tools that can help progress the MDR services.
  • Leads the use cases development activities.
  • Works closely with other local and regional industry security subject matter experts to share knowledge and experience in investigating and managing security incidents.
  • Acts as the subject matter expert for security incident cases involving legal actions.
  • Acts as a technical advisor for the management of the MDR services.

Qualifications

  • A bachelor's degree or higher in science or engineering is required.
  • Ten (10) years of full-time experience in information security is required.
  • GIAC Certified Intrusion Analyst or demonstrated skills and ability to obtain the certification are required.
  • GIAC Certified Incident Handler or demonstrated skills and ability to obtain the certification are required.
  • Proven experience in researching and creating security tools and processes is required.
  • Deep knowledge and strong experience in managing SIEM tools, especially Splunk, are required.
  • Proven programming skills in Python, Perl and shell scripting are required.
  • Proven experience in managing and operating malware analysis tools is required.
  • Deep knowledge of host-based digital forensics for operating systems, especially Microsoft Windows and Linux, is required.
  • Proven ability to implement best practices and industry standards in acquiring and handling digital evidence.
  • Able to work either independently or in a team made of internal and external resources to conduct forensic examinations.
  • Excellent written and verbal communication skills are required.
  • Ability to communicate effectively with executives in explaining incident findings clearly.
  • Working experience in an MDR Centre, Security Operations Centre (SOC), Managed Security Service (MSS) or enterprise network environment.

OUR COMMITMENT TO YOU

We value our people and have the mission to attract and retain exceptional talent. We work in a truly agile environment where opinions and collaboration are encouraged: everyone has an opinion, opinions are valued, and we have no time for finger-pointing and politics; instead we test and learn, and celebrate successes as a team.

We will provide a training and coaching program to all our team members, tailored to your development needs and aspirations. This can cover a wide range of skills, such as mastering new technologies, further developing your skills in presenting to a non-technical audience, or supporting you in growing into a leadership position.

OUR OFFER

  • Employee Provident Fund
  • Annual Bonus
  • Annual health check-up
  • Medical Service @Workplace
  • Medical Expense Reimbursement
  • Health & Life Insurance
  • Fitness, Spa, Day care
  • Employee Privileges
  • Employee Loan
  • Education Loan
  • Scholarship for Employees' Children
  • Learning Center
  • Staff Activities
  • Smart Casual

Tags: Agile Automation Cyber crime Forensics GIAC Incident response Linux Malware Monitoring Perl Python Scripting SIEM SOC Splunk Threat intelligence Vulnerabilities Windows

Perks/benefits: Career development Conferences Fitness / gym Salary bonus

Region: Asia/Pacific
Country: Thailand
Category: Threat Intel Jobs
