Threat Hunter

สนใจสมัครงาน กรุณาส่ง E-mail ระบุตำแหน่งงานที่สนใจ และแนบประวัติ (Resume) ส่งถึง hr.recruiting@ktbcs.co.th

Responsibilities

  • Perform intrusion analysis using SIEM technology, packet captures, reports, data visualization, log analysis and pattern analysis.
  • Finetune EDR for blocking and reporting based on customer business need
  • Assist SOC Analyst by providing next level in-depth analysis
  • Conduct pro-active threat hunting and analysis
  • Respond to security incidents and perform investigation
  • Tactical Intel Coordination – Focusing on partnerships and information sharing, support organizations on strategic direction to mitigate threats.
  • Adversary Disruption – Leveraging tactical, technical and legal capabilities to eradicate threat.
  • Support the investigation and contribution to large and small scale computer security breaches
  • Characterize suspicious binaries and be able identify traits, C2, and develop network and host-based IOCs.
  • Identify potential malicious activity from memory dumps, logs, and packet captures
  • Through review and analysis of cyber threats, provide both internal & external parties key information to respond to threat.
  • Participate as part of a close team of technical specialists on coordinated responses and subsequent remediation of security incidents.
  • Analyze intelligence from internal threat intelligence data as well as leverage external source for supplemental.

Qualifications

  • Bachelor or Master Degree in computer science, engineering, information science, or a related technical discipline
  • At least 5 years of related experience in cybersecurity or computer network defense
  • Demonstrated relevant experience as a key member of a threat intel, incident response, malware analysis, or similar role.
  • Strong knowledge of malware families and network attack vectors.
  • Strong knowledge of Linux, Windows system internals.
  • Strong knowledge of web applications and APIs
  • Understanding of payment card processing, related fraud and carding techniques
  • Scripting, YARA, Snort, RegEx and PCRE experience is desirable.
  • Tangible experience combatting crimeware or APT is a distinguishing factor.
  • Certifications such as GREM or CISSP a plus, but skill level carries more weight.