Threat and Incident Response Analyst (Remote)

Propine

City of Ballarat

Remote

AUD 90,000 - 150,000

Full time

3 days ago
Job summary

Join a forward-thinking company that is revolutionizing capital markets through blockchain technology. As a Threat and Incident Response Analyst, you'll play a crucial role in safeguarding the organization against cyber threats. This position requires a proactive mindset and a passion for security, where you'll utilize cutting-edge tools and methodologies. You'll work on identifying threats, automating responses, and collaborating with engineering teams to enhance security measures. If you're excited about tackling challenges and making a significant impact in the field of cybersecurity, this role is perfect for you.

Qualifications

  • 5-7 years of experience in security threat analysis and detection.
  • Deep knowledge of Unix/Linux, Windows, and Active Directory.
  • Experience with SIEM and log management tools.

Responsibilities

  • Identify and analyze cybersecurity threats impacting the organization.
  • Investigate and respond to security incidents following a defined process.
  • Create playbooks and collaborate with engineering for automation.

Skills

Cybersecurity Threat Analysis
Analytical Skills
Unix/Linux
Windows
Active Directory
Cloud Technologies
DevOps
Scripting
Effective Communication

Tools

SIEM
EDR
WAF
IDS
Netflow

Job description

Work should be challenging.

Your work should challenge the status quo and involve defining the future, not just being dependent on it.

You prefer to operate in the deep end, figuring things out as you go, and aim to be avant-garde.

If this resonates with you, then you'll fit right in here at Propine.

Propine is re-inventing capital markets using blockchain technology. We have collaborated with the Monetary Authority of Singapore (MAS) to become the first licensed digital asset custodian in the world.

We are re-imagining the issuance and lifecycle management of capital market products like equities, debt, structured products, and funds using blockchain technology to reduce friction and enhance value for issuers and investors.

This role requires a 'do-whatever-it-takes' mindset and the ability to operate just outside your comfort zone. If this excites and slightly unnerves you, you might be the right fit.

Position Details

Seniority: Associate

Position Title: Threat and Incident Response Analyst

Job Description

We seek a highly motivated and skilled Threat and Incident Response Analyst to join our information security team. The ideal candidate will be passionate about security and eager to work with the latest tools and methodologies to investigate and respond to cyber threats against our organization and assets.

Responsibilities

  1. Identify and analyze cybersecurity threats impacting the organization.
  2. Proactively discover new attacks using advanced security monitoring techniques and tools.
  3. Investigate and respond to security incidents following a defined incident response process.
  4. Create playbooks and procedures for incident response.
  5. Collaborate with engineering to automate responses to security incidents.
  6. Identify emerging threats and update detection and response capabilities accordingly.
  7. Perform threat modeling across technologies and applications, ensuring security controls are in place for identified threats.
  8. Identify relevant data sources and security monitoring use cases, onboarding them to the SIEM platform.
  9. Operate and administer the SIEM platform.
  10. Utilize security tools like SIEM, EDR, WAF, IDS, Netflow for threat investigation and response.
  11. Manage threat intelligence feeds to correlate security events.
  12. Participate in a 24x7 on-call rotation for security operations support.

Qualifications

  1. 5-7 years of experience in security threat analysis, detection, and prevention technologies.
  2. Strong analytical skills with a self-motivated attitude to learn new technologies.
  3. Deep knowledge of Unix/Linux, Windows, Active Directory, Databases, Cloud, and DevOps.
  4. Experience with endpoint and network security technologies like IDS, IPS, EDR, ATP, malware defenses.
  5. Experience with SIEM and log management tools.
  6. Understanding of cyber threat TTPs, threat hunting, and the MITRE ATT&CK framework.
  7. Scripting experience.
  8. Familiarity with threat modeling methodologies such as STRIDE and PASTA.
  9. Effective communication skills with technical and non-technical teams across geographies.