Security Analyst L2
Indonesia
Ensign InfoSecurity
Ensign InfoSecurity is Asia's premier cybersecurity provider. Our Threat-informed Defence approach offers tailored insights on regional cyber risks. Ensign is hiring!
Responsibilities
- Monitor third party security feeds, forums, and mailing lists to gather information related to the client through automated means
- Produce intelligence outputs to provide an accurate depiction of the current threat landscape and associated risk through the use of customer, community, and open source reporting
- Produce actionable intelligence information for delivery to colleagues and customers in the form of technical reports, briefings, and data feeds
- Review vulnerability advisories
- Review and process threat intelligence reports
- Perform detailed investigative work into all traffic anomalies against established historical baselines of individual agencies; review and profile the events of all monitored clients
- Assess each event based on factual information and wider contextual information available
- Review, propose and generate reports to automate or reduce low value event escalations
- Build rules and intelligence to detect such threats and propagate them to all monitored networks
- Devise and implement detection methods for such threats in our security operations through SIEM rules, DB scripts, etc.
- Perform periodic analysis of security events, network traffic, and logs to engineer new detection methods, or create efficiencies when available
- Support the development of tactics, techniques, and procedures for proactive threat hunting and analysis against the available information sources (e.g. Netflow, DNS and Firewall logs, etc.)
- Assist the Security Analysts with investigative work
- Prepare training programmes for Security Analysts and conduct knowledge-sharing sessions for them
- Fulfil Change Requests and Service Requests, and respond to internal and external enquiries regarding detection use cases
- Any other tasks as assigned
Requirements
- Degree holder with at least 5 years of experience in a related field and capacity
- Prior experience working in a Security Operations Centre (SOC) or Computer Emergency Response Team (CERT/CIRT)
- Deep interest in open source research, with critical thinking and contextual analysis abilities
- Proper understanding of network, application and server fundamentals, and the ability to identify and analyse logs thoroughly from their indicators
- Understanding of the MITRE ATT&CK framework or the cyber kill chain
- Investigative and analytical problem solving skills
- An understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security
- A related professional cyber security certification, such as GCIA or CEH, is preferred
- Experience with intelligence analysis processes, including Open Source Intelligence (OSINT) and closed source intelligence gathering, source verification, data fusion, link analysis, and threat actor
- Ability to research and characterize security threats to include identification and classification of threat indicators
Tags: CEH CERT Cyber Kill Chain DNS Firewalls GCIA MITRE ATT&CK Open Source OSINT SIEM SOC Threat intelligence Vulnerabilities
Perks/benefits: Team events