Threat and Incident Response Analyst

Your work should challenge the status quo. You should be defining the future, not dependent on it. You don't like it safe and prefer to swim in the deep end while figuring things out. You want to be avant-garde.

If this resonates with you, then you'll fit right in here at Propine.

Propine is re-inventing capital markets using blockchain technology. We've worked with the Monetary Authority of Singapore (MAS) to become the first licensed custodian for digital assets in the world.

We are re-imagining the issuance and lifecycle management of capital market products like equities, debt, structured products, and funds using blockchain technology to reduce friction and increase value for issuers and investors.

This role requires a do-whatever-it-takes mindset and the ability to operate just outside your comfort zone. If this excites and also makes you nervous, you might be the right fit.

Seniority: Associate

Position Title: Threat and Incident Response Analyst

We seek a highly motivated and skilled Threat and Incident Response Analyst to join our information security team. The ideal candidate will be passionate about security and eager to work with the latest tools to investigate and respond to attacks against our organization.

1. Identify and analyze cybersecurity threats impacting the organization.
2. Proactively discover new attacks using advanced security monitoring techniques.
3. Investigate and respond to security incidents following a defined incident response process.
4. Create playbooks and response processes.
5. Collaborate with engineering to automate incident responses.
6. Identify emerging threats and update detection and response capabilities accordingly.
7. Perform threat modeling across technologies and applications, ensuring security controls are in place.
8. Identify relevant data sources and onboard them to the SIEM platform.
9. Operate and administer the SIEM platform.
10. Utilize security tools like SIEM, EDR, WAF, IDS, Netflow for threat investigation and response.
11. Manage threat intelligence feeds for security event correlation.
12. Participate in 24x7 on-call support for security operations.

• 5-7 years of experience in security/threat analysis, prevention, and detection technologies.
• Strong analytical skills with a self-motivated approach to learning new technologies.
• Deep knowledge of Unix/Linux, Windows, Active Directory, Databases, Cloud, and DevOps.
• Experience with endpoint and network security technologies like IDS, IPS, EDR, ATP, malware defenses.
• Experience with SIEM and log management tools.
• Understanding of Cyber Threat TTPs, Threat Hunt methodologies, and the Mitre Attack framework.
• Scripting experience.
• Familiarity with threat modeling methodologies like STRIDE and PASTA.
• Effective communication skills for technical and non-technical audiences across geographies.