CyberWatchSG

Job Purpose / Summary :

The Cyberwatcher is responsible for proactively searching and identifying cybersecurity threats within the

organization's assets.

He will be in contact with the Identify team to obtain information to help him carry out this task but he must

also keep a watchful eye to anticipate the hunts. Cyberwatcher will liaise with the React team to ensure that

once findings are successful the containment and eradication process can be implemented with his assistance

and information. After the incident is closed he will create detailed incident reports and contribute to lessons

learned in collaboration with the relevant team. He will also collaborate with the Offensive Security team

during purple team exercises to enhance his Threat Hunting campaigns

This role involves creating valuable defense to potential threats to ensure the security and integrity of the

organization's digital assets.

Key Responsibilities :

The Cyberwatcher is responsible for :

Maintain expert knowledge of Advanced Persistent Threat (APT) Tools Techniques and Procedures

(TTPs) forensics and incident response best practices.

Use threat intelligence and threat models to build threat scenarios.

Prepare and conduct threat-hunting campaigns to check threat scenarios.

Research analyze and correlate a wide range of data sets from any source.

Proactive and iterative research into systems and networks to detect advanced threats.

Reporting risk analysis and threat findings to the relevant stakeholders.

Identify and provide automated alerts for emerging and historically unknown threats.

Co-operate with multiple teams within operations intelligence and engineering to continuously

improve security checks and detection performance.

Participate PTXs (purple team exercises) by monitoring new detection capabilities.

Manage reports dashboards metrics for CyberSOC KPIs and presentation to senior management &

other stakeholders.

Work closely with key stakeholders in technology application and cybersecurity to develop

targeted use cases addressing specific advanced persistent threat (APT) behaviors.

Key Performance Indicators :

The Cyberwatcher is responsible for :

Maintain expert knowledge of Advanced Persistent Threat (APT) Tools Techniques and Procedures

(TTPs) forensics and incident response best practices.

Use threat intelligence and threat models to build threat scenarios.

Prepare and conduct threat-hunting campaigns to check threat scenarios.

Research analyze and correlate a wide range of data sets from any source.

Proactive and iterative research into systems and networks to detect advanced threats.

Reporting risk analysis and threat findings to the relevant stakeholders.

Identify and provide automated alerts for emerging and historically unknown threats.

Co-operate with multiple teams within operations intelligence and engineering to continuously

improve security checks and detection performance.

Participate PTXs (purple team exercises) by monitoring new detection capabilities.

Manage reports dashboards metrics for CyberSOC KPIs and presentation to senior management &

other stakeholders.

Work closely with key stakeholders in technology application and cybersecurity to develop

targeted use cases addressing specific advanced persistent threat (APT) behaviors

Employment Type : Full Time

Experience : years

Vacancy : 1