Lead Engineer - Cyber Threat Hunting (Cyber Operations & Technologies)

Position Overview

We are seeking a self-motivated, dedicated Cyber Threat Hunting Lead with related experience to join our team. The person will be responsible for formulating relevant threat hunt scenarios and executing them to conduct effect threat hunting operations in accordance with Synapxe's approved policy and processes. The candidate should be capable of thinking like a threat actor and should be well versed in performing threat research using open source and paid tools.

Role & Responsibilities

• Performs threat hunting to detect, disrupt, and eradicate hidden threats in public healthcare networks and systems and ensures timely delivery of threat hunting commitments

• Possesses strong threat research capabilities to identify potential threats, including threat actors, their TTPs and attack infrastructure

• Performs threat modelling at the public healthcare level

• Provides strong technical guidance to the team to perform threat research to identify potential threats

• Designs as well as builds custom tools and procedures for threat hunting

• Recommends threat detection enhancements to mitigate gaps, assists in developing and tuning detection use cases

• Conducts security investigation, log analysis for detecting anomalies in various types of logs

• Documents processes, analysis, findings and recommendations in clear and concise manner

• Drafts reports, slide decks and presents them during management briefing

Requirements

• At least 10 years of experience in Cybersecurity of which there should be a minimum of 5 years of direct experience with demonstrable skillsets across threat intelligence, threat hunting, and/or incident response.

• Previous digital forensics, red teaming or penetration testing, detection engineering experience would be valuable

• Has in-depth understanding of networking, threats/vulnerabilities/risks, security controls, and analytical frameworks.

• Has good knowlege of threat actors (APTs in particular), malwares, malware families and network attack vectors

• Good understanding of SIEM, NDR, EDR, WAF and other security technologies is required

• Familiarity to use Threat Intel tools would be useful

• Good understanding of the Cyber Kill Chain, MITRE ATT&CK Framework, and NIST Cybersecurity Framework (CSF) expected

• Has knowledge of creating signatures and writing scripts

• Some experience in building automation/playbooks will be useful

• Professional security certifications such as GCIA, GCIH, GCFA, GNFA, GCTI, OSCP, etc will be an advantage

• Diploma/degree in cybersecurity or a related field.

• Should have good understanding of Windows, Linux internals

• Knowledge of cloud platforms and technologies is desirable

• Familiarity with Medical Device technologies is desirable

• Strong analytical and problem-solving skills.

• Excellent communication and interpersonal skills.

• Ability to work collaboratively in a team environment.

• Detail-oriented with strong organizational skills.

• Ability to work independently with minimum guidance