Information Security Lead
- Conducting forensic investigations of data breaches.
- Implementation of new tools and fine-tuning of policies in the Global SOC.
- Analyze typical threat actor profiles and the typical indicators associated with those profiles, and synthesize the two.
- Develop innovative techniques to detect threat actor activity.
- Demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
- Analyze available data sources, security tools, and threat trends and lead security monitoring and analysis techniques to identify attacks against the enterprise.
- Analyze logs, normalize and perform automated log correlations utilizing big data analysis or hunt tools to identify anomalous and potentially malicious behavior.
- Digital forensics on host or network from malware perspective, ability to identify anomalous behavior on network or endpoint devices.
- Fine tuning information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security, and security monitoring solutions.
- Preparing SOPs for the blue team and performing POCs for new products.
Tools & Technology: RSA SA, Splunk, Palo Alto, CyberArk, Darktrace, Crowdstrike, Zscaler, Encase, RSA Archer, ServiceNow