Cybersecurity Analyst (SOC)
Singapore, Singapore
Acronis
Acronis provides award-winning backup software and data protection solutions for consumers, businesses and MSPs. Acronis is a global cloud service provider, managing multiple datacenters with petabytes of data. The Security Operations Team is a global team working on real-time monitoring and protection of all Acronis assets. You would be part of the Security Operations Team, identifying threats through log analysis, responding to cyber incidents (attack attempts, internal policy violations, etc.) and working with other teams on the continuous improvement of Acronis's cyber security capabilities.
Your Responsibilities
- Respond to security incidents and perform digital investigations.
- Analyse, normalize and correlate various log sources in our big-data SIEM to identify abnormal and/or malicious behaviour.
- Monitor, respond to and fine-tune alerts generated in our big-data SIEM by security systems (AV, NIDS, HIDS, EDR, etc.).
- Actively hunt for attackers and search for indicators of compromise left by external attackers or by the internal Red Team; define new detection rules or improve existing ones based on what you find.
- Define IOCs based on past attacks and external threat intelligence feeds.
- Develop and leverage the Threat Intelligence Platform. Develop Tactical and Operational Intelligence.
- Investigate malware activity and define related IOCs or contextual detection rules.
- Write and maintain Security Operations playbooks and standard operating procedures.
- Participate in evaluation, implementation, improvement, and troubleshooting of security tools in the portfolio.
Requirements
- 2 years of experience in Intrusion Detection, DFIR and/or Threat Hunting.
- Good understanding of TTPs and the ATT&CK Framework.
- In-depth knowledge of how operating systems operate and how to detect malicious activity.
- Excellent understanding of network and security protocols, demonstrated ability to detect attacks by analysing network traffic.
- Experience with Linux and Windows computer forensics and memory analysis.
- Experience integrating a Threat Intelligence Platform.
- Programming experience in Python, Shell scripting or other languages.
- English working proficiency (written and spoken).
- Available to work on-call and on occasional overtime (weekends, sale campaigns, etc.).
- Passionate, curious, eager to learn. Focused, result oriented, positive and constructive.
Additional Qualifications
- Familiarity with big-data environments and query languages.
- Log management and SIEM experience.
- Malware analysis and reverse-engineering experience.
- macOS forensics.
- Penetration testing / red-team experience.
- Relevant security-related certification such as GNFA, GCTI, GREM, OSCP, OSCE, GCIA, GCIH, GCFE, GCFA, GMON, GCUX or GCWN.