Ensign is hiring !

Duties and Responsibilities:

• Performs threat hunting within the clients’ technology environments to uncover indicators of threat activities.

• Support SIEM use case management process

• Supports the development of tactics, techniques, and procedures in providing proactive threat hunting and analysis against the available information sources (e.g. SaaS logs, Kubernetes  and Firewall logs, etc.).

• Supports the identification and documentation of Indicators of Compromise (IoCs).

• Leverages internal and external resources to research threats, vulnerabilities and intelligence on various threat actors and exploitation tools and platforms.

• Use an analytics platform to identify threats in the available information repositories.

• Perform threat research to identify potential threat vectors and work with multi-disciplines to improve prevention and detection methods.

• Identify gaps in an organisation’s measurement metrics, telemetry and logging capabilities and propose enhancement strategies to achieve the intended outcomes.

Requirements:

• Regularly keeping up with  infosec affairs, threat landscapes and exposed to well-known threat actors
  Preferred Self starter and independent with minimal supervision is required
  Exposed to mid/large scale of IR

• Able to install own mini Lab from scratch if needed

• Ability to demonstrate flexibility, initiative and innovation in dealing with ambiguous, fast-paced situations.

• Ability to show proficiency in one or more regional languages and dialects.

• Possession of excellent presentation and briefing skills.

• Possession of excellent oral and written communication skills.

• Professional certifications, including EnCE, GCIH, GCFE, GCFA, GREM, GNFA, GASF, GCTI, CISSP, or other SANS certifications.