Talent.com
Senior Manager, Endpoint Protection & Threat Surface Reduction

SRKay Consulting Group, Kuala Lumpur, Malaysia
14 hours ago
Job description

Technical Head Hunter | Executive Search & Headhunting | Employer Branding & Talent Strategy

Reporting Manager : Head of Cyber Defense Center

Position : Senior Threat Intelligence & Detection Engineer

Industry : Financial Services

Location : Kuala Lumpur, Malaysia

KEY RESPONSIBILITIES

Threat Intelligence Fusion & Analysis :

  • Act as the subject matter expert (SME) for cyber threat intelligence, focusing on threats to the financial services industry.
  • Curate and analyze intelligence from open-source (OSINT) and premium sources (e.g., Recorded Future, Intel471, CrowdStrike) to perform threat modeling and risk assessments.
  • Produce and disseminate actionable intelligence reports, weekly bulletins, and tactical alerts to inform stakeholders and guide security operations.

Advanced Detection Engineering :

  • Lead the design, validation, and implementation of high-fidelity detection rules and use cases within our SIEM (Microsoft Sentinel, Elastic) and EDR (CrowdStrike, Microsoft Defender for Endpoint) platforms.
  • Utilize your malware analysis and reverse engineering skills to deconstruct attacker TTPs (Tactics, Techniques, and Procedures) and build heuristic-based detections.
  • Develop and maintain scripts (primarily in Python) to automate threat intelligence ingestion, log analysis, and indicator of compromise (IoC) management.

Incident Response & Threat Hunting Support :

  • Provide expert support to the SOC during incident response, offering deep-dive analysis on malware, scripts (PowerShell, JavaScript), and attacker behavior.
  • Proactively conduct threat hunts based on finished intelligence and your own research to identify covert threats within the environment.
  • Enhance threat actor profiling by integrating the MITRE ATT&CK framework and other industry-standard conventions.

Stakeholder Engagement & Leadership :

  • Collaborate closely with the vulnerability management team to assess the risk of actively exploited vulnerabilities and ensure timely mitigation.
  • Mentor and guide junior analysts and engineers within the Cyber Defense team.
  • Present technical findings and strategic threat landscape updates to senior management and other non-technical stakeholders in a clear and concise manner.

KEY PERFORMANCE INDICATORS (KPIs)

  • Timely delivery of high-quality, actionable threat intelligence reports.
  • Increased detection coverage and reduced false-positive rates for new detection rules.
  • Measurable improvement in the SOC's ability to identify and respond to sophisticated threats.
  • Successful automation of key operational processes through scripting.
  • Positive feedback from internal stakeholders and leadership on the value of intelligence-led defense initiatives.

QUALIFICATIONS & EXPERIENCE

  • Minimum of 5-7 years of hands-on experience in a cyber security role, with a proven track record in Threat Intelligence, Threat Detection Engineering, and/or Malware Analysis.
  • Mandatory : Experience within the Financial Services industry or a Managed Security Service Provider (MSSP) serving financial clients.
  • Mandatory : Proficiency in Python scripting for security automation and data processing (XML, JSON).
  • Demonstrable experience with EDR (CrowdStrike, Microsoft Defender), SIEM (Microsoft Sentinel, Elastic), and major Threat Intelligence platforms.
  • Practical experience in static and dynamic malware analysis and deobfuscation of scripts.
  • Strong understanding of the MITRE ATT&CK framework and its practical application.
  • Bachelor’s degree in Information Technology, Computer Science, or a related field.

KNOWLEDGE & TECHNICAL SKILLS

  • Essential : Deep knowledge of Windows OS internals (Filesystem, Registry, APIs) and attacker tradecraft.
  • Essential : Strong understanding of network security and cloud (Azure / AWS) security concepts.
  • Highly Desired : Relevant industry certifications such as GCTI, GMON, CYSA+, or CISSP.
  • Excellent analytical, problem-solving, and communication skills.
  • Ability to work independently and lead initiatives in a complex, multi-stakeholder environment.