Key Responsibilities:
- Collect and verify raw intelligence from multiple strategic and tactical data sources, and correlate the collected intelligence to build a larger body of knowledge.
- Research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure using internal and external resources.
- Automate the tracking and discovery of threats, leveraging internal and external data sources.
- Contribute to the production of reports detailing threat groups, including their TTPs.
- Analyze logs and perform log correlations to identify anomalous/malicious behavior utilizing.
- Respond to prioritized requests for information (RFI) and provide key findings to enable the production of finished intelligence.
- Develop attack detection and response playbooks, counter-measure definitions, and strategies to mitigate emerging threats.
- Develop use cases mapped to common frameworks (e.g., MITRE ATT&CK) for detecting new/evolving threats, including supporting content for security tools (e.g., SIEM rules, NIDS signatures, EDR content, etc.).
- Plan and execute regular attack simulation exercises (red-team/blue-team/purple-team) to validate detection, response, and remediation capabilities and improve MSOC readiness.

Qualifications:
- Bachelor of Computer Science or equivalent

Professional Certifications:
- A professional certification in pen testing from an internationally recognized institution, or a relevant equivalent, is preferred.

Years of Experience:
- 6+ years of prior experience

Nature of Experience:
- 2 years in security operations and threat hunting, and 2 years in threat intelligence

Job Specific Skills:
- Practical experience in identifying and investigating information security incidents and developing recommendations to prevent similar incidents in the future.
- Understanding of the methods, tools, and processes used to respond to information security incidents.