Threat Hunter (SOC Tier 3)
Bangkok, TH
True Digital Group
Enabling Digital Transformation. As a subsidiary of True Corporation, a leading communications conglomerate in Thailand, True Digital Group's (TDG) ambition is to transform Thailand and the region through digital revolutions. uncover new... Our team's mandate is to provide world-class service in Cyber Security as the leading Cyber Security service provider in Thailand and the ASEAN market. You will be joining TDG's Cyber Security team to protect our clients from cybercrime and to support multifaceted countermeasures against cyber attacks through Threat Intelligence and remediation automation.
The Threat Hunter is responsible for participating in threat-actor-based investigations, creating new detection methodology and providing expert support to the incident response and monitoring functions. The focus of the Threat Hunter is to detect, disrupt and eradicate threat actors from True Digital's networks. The Threat Hunter has experience in using various data analysis techniques, threat intelligence, and cutting-edge security technologies.
Threat Hunter positions are filled by senior staff and are typically staffed Monday through Friday during the daytime shift in the local time zone, and may be on-call for after-business-hours support.
Key Responsibilities
- Leads the investigation of security incidents escalated by Level 1 and 2 MDR Centre analysts.
- Conducts security research on the latest cyber threats and vulnerabilities related to True Digital MDR Centre constituency.
- Conducts proactive threat hunting using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors in True Digital’s network.
- Forensically analyses artefacts in search of indicators of compromise.
- Mentors Level 1 and 2 MDR Centre analysts.
- Conducts regular security training and knowledge workshops.
- Participates in local and regional security conferences, representing the Security Department.
- Researches new tools that can help progress the MDR services.
- Leads the use cases development activities.
- Works closely with other local and regional industry security subject matter experts to share knowledge and experience in investigating and managing security incidents.
- Acts as the subject matter expert for security incident cases involving legal actions.
- Acts as a technical advisor for the management of the MDR services.
Qualifications
- Bachelor's degree in science or engineering or higher is required.
- Ten (10) years of full-time experience in information security.
- GIAC Certified Intrusion Analyst or demonstrated skills and ability to obtain the certification are required.
- GIAC Certified Incident Handler or demonstrated skills and ability to obtain the certification are required.
- Proven experience in researching and creating security tools and processes is required.
- Deep knowledge and strong experience in managing SIEM tools, especially Splunk, are required.
- Proven programming skills in Python, Perl and shell scripting are required.
- Proven experience in managing and operating malware analysis tools is required.
- Deep knowledge of host-based digital forensics for operating systems, especially Microsoft Windows and Linux, is required.
- Proven ability to implement best practices and industry standards in acquiring and handling digital evidence.
- Able to work either independently or in a team made of internal and external resources to conduct forensic examinations.
- Excellent written and verbal communication skills are required.
- Ability to communicate effectively with executives in explaining incident findings clearly.
- Working experience in an MDR Centre, Security Operations Centre (SOC), Managed Security Service (MSS), or enterprise network environment.
OUR COMMITMENT TO YOU
We value our people and have the mission to attract and retain exceptional talent. We work in a truly agile environment where collaboration is encouraged: everyone has an opinion, opinions are valued, and we have no time for finger pointing and politics; instead we test and learn and celebrate successes as a team.
We will provide a training and coaching program to all our team members, tailored to your development needs and aspirations. This can cover a wide range of skills, like mastering new technologies, further developing your skills in presenting to a non-technical audience or supporting you to grow in a leadership position.
OUR OFFER
Employee Provident Fund - Annual Bonus - Annual health check-up - Medical Service @Workplace - Medical Expense Reimbursement - Health & Life Insurance - Fitness, Spa, Day care - Employee Privileges - Employee Loan - Education Loan - Scholarship for Employees' Children - Learning Center - Staff Activities - Smart Casual
Tags: Agile Automation Cyber crime Forensics GIAC Incident response Linux Malware Monitoring Perl Python Scripting SIEM SOC Splunk Threat intelligence Vulnerabilities Windows
Perks/benefits: Career development Conferences Fitness / gym Salary bonus