สนใจสมัครงาน กรุณาส่ง E-mail ระบุตำแหน่งงานที่สนใจ และแนบประวัติ (Resume) ส่งถึง email@example.com
- Perform intrusion analysis using SIEM technology, packet captures, reports, data visualization, log analysis and pattern analysis.
- Finetune EDR for blocking and reporting based on customer business need
- Assist SOC Analyst by providing next level in-depth analysis
- Conduct pro-active threat hunting and analysis
- Respond to security incidents and perform investigation
- Tactical Intel Coordination – Focusing on partnerships and information sharing, support organizations on strategic direction to mitigate threats.
- Adversary Disruption – Leveraging tactical, technical and legal capabilities to eradicate threat.
- Support the investigation and contribution to large and small scale computer security breaches
- Characterize suspicious binaries and be able identify traits, C2, and develop network and host-based IOCs.
- Identify potential malicious activity from memory dumps, logs, and packet captures
- Through review and analysis of cyber threats, provide both internal & external parties key information to respond to threat.
- Participate as part of a close team of technical specialists on coordinated responses and subsequent remediation of security incidents.
- Analyze intelligence from internal threat intelligence data as well as leverage external source for supplemental.
- Bachelor or Master Degree in computer science, engineering, information science, or a related technical discipline
- At least 5 years of related experience in cybersecurity or computer network defense
- Demonstrated relevant experience as a key member of a threat intel, incident response, malware analysis, or similar role.
- Strong knowledge of malware families and network attack vectors.
- Strong knowledge of Linux, Windows system internals.
- Strong knowledge of web applications and APIs
- Understanding of payment card processing, related fraud and carding techniques
- Scripting, YARA, Snort, RegEx and PCRE experience is desirable.
- Tangible experience combatting crimeware or APT is a distinguishing factor.
- Certifications such as GREM or CISSP a plus, but skill level carries more weight.