BCS
BCS is NETS’ wholly owned subsidiary, and is an entity within the NETS Group. It manages and operates clearing and payment infrastructure for the Singapore Automated Clearing House, including Fast And Secure Transfers (FAST), Inter-bank GIRO (IBG), Cheque Truncation System (CTS), and provides services for PayNow and SGQR Central Repository.
Overall Function
This role sits within Banking Computer Services Pte Ltd, one of the subsidiaries of NETS Group.
You will focus on security threat intelligence, anomaly hunting, digital forensics and incident response, leveraging your security knowledge and experience in using a broad array of tools and techniques to detect and respond to malicious activities.
You are familiar with the Cybersecurity Act 2018, Cybersecurity Code of Practice (CCoP), MAS Cyber Hygiene and Technology Risk Management Guidelines.
You will work in a highly collaborative environment with cross-functional teams.
Key Responsibilities
You will be responsible for:
- Conducting research, collecting & analyzing data and evaluating intelligence; identifying patterns and trends and developing appropriate strategies
- Providing actionable intelligence to detection operations that proactively monitor systems for potential threats
- Providing actionable intelligence to investigate security incidents and conduct data analysis based on findings
- Proactively hunting for threats and enacting identification, containment, and eradication measures while supporting recovery efforts
- Developing, maintaining and enhancing threat intelligence processes, procedures, frameworks, libraries and services
- Apprising internal stakeholders of potential cyber threats by analysing internal and external intelligence feeds
- Conducting threat modelling and threat hunting activities
- Conducting research regarding the latest methods, tools, and trends in digital forensics analysis
- Receiving Tier 2/3 incident escalation from detection operations and assisting with real-time, continuous (24x7) security event monitoring, response, and reporting
- Conducting forensic investigations, both internally and externally; collecting, preserving and analyzing data and digital evidence
- Performing forensic examinations on electronic devices, including laptop and desktop computers, servers, and mobile devices; preserving and analyzing data obtained from examinations
- Writing and presenting routine reports
Requirements
To apply for this role, you need to possess the following:
- Degree in Computer Science, Computer Engineering or Information Security related fields
- At least 5 years’ working experience, with at least 2 years in threat intelligence and threat hunting roles and the remaining in incident response and digital forensics, security operations and security engineering roles
- Familiar with MAS Technology Risk Management Guidelines, MAS Cyber Hygiene Notice and Cybersecurity Code of Practice
- In-depth knowledge of current operating environments (Microsoft, UNIX & Linux)
- Deep understanding and knowledge of networking, including TCP/IP, DNS, HTTP, SMTP
- Knowledge of cyber threat intelligence processes and tradecraft
- Knowledge of Advanced Persistent Threat (APT) actors and their Tactics, Techniques and Procedures (TTPs)
- Advanced understanding of the Lockheed Martin Cyber Kill Chain, STRIDE and MITRE ATT&CK frameworks
- Working experience in using commercial and open-source research tools to support research and analysis
- Experience with tools like Autopsy, Belkasoft RAM Capturer/DumpIt/Comae Memory Toolkit, EnCase, FTK, Volatility, Wireshark
- Experience with programming languages such as Python & PowerShell
- Cloud experience/knowledge highly advantageous
- A positive and growth mindset
- Exceptional written, verbal communication and presentation skills; must be comfortable with public speaking and presenting findings to others, including senior leadership
- Certifications such as OSCP, GCTI, GPEN, GCIA, GCIH, GCFA, GCFE, GCNFA or GREM are highly desirable