Threat Hunting & Intelligence Analyst - Singapore
Posted Feb 7, 2020 - Requisition No. 81208
We protect Bloomberg
The Cyber Security Operations Center (CSOC) works to understand the cyber threats we face as an organization, develops instrumentation for detection and monitors events 24x7 looking for suspicious activity. We proactively learn from current trends to build relevant detections and contextual understanding into the program. We strive to monitor meaningful security events around the clock, respond quickly, but always favor quality over speed. If an incident occurs, we are prepared to engage appropriate stakeholders and take required actions as needed. The CSOC department reports into the CISO, and we work closely with Engineering, Legal, Compliance, Investigations and many others across the organization to help unify security event monitoring and incident response. Our colleagues depend on us to be incident response pros who have a deep understanding of IT networks and systems. On any given day, the department may analyze cyber security events, hunt for suspicious activity, research and disseminate threat intelligence, identify improvement opportunities for detection rules, enhance procedures and train analysts.
We’ll trust you to:
Be responsible for the monitoring and analysis of security events occurring on our networks and systems. This includes the analysis of events tracked in our event monitoring platform as well as raw security events and data emitted from various host and network sensors in our environment. Typically you’ll be handling escalated or complex events. You will also analyze, hunt for and report on malicious activities based on threat intelligence indicators and reports. Additional duties include the timely testing and validation of new alerting and detection rules, detailing analytical procedures and training our operational staff. You will participate in varying degrees of project work geared toward continual improvement of our coverage, visibility and scale.
You’ll need to have:
- At least 3-5 years of experience performing threat hunting operations
- Ability to conduct detailed investigations and analysis of cyber security issues
- Experience working in a cyber-threat intelligence role, to the extent that attacker tools and techniques used against enterprise environments are well understood
- Experience performing malware analysis and/or protocol analysis
- Experience working with remote cross-regional teams
- Ability to be autonomous but proactive in reaching out for support
- Deep understanding of cyber security trends and potential threats
- A passion for exploring and analyzing data on a large scale
- Good understanding of computer networking concepts
- Solid understanding of Windows, Linux and Mac operating systems
- Good experience with computer security monitoring and analysis
- Solid experience with deep file, host or network level analysis
- Experience with enterprise search technologies such as Splunk and Elastic Stack (ELK)
- Some level of programming experience
- Strong interpersonal and communication skills
We’d love to see:
- Deep knowledge of enterprise security controls on hosts and within the network, enabling you to think through detection opportunities
- Experience with Endpoint Detection and Response (EDR) tools, e.g. osquery, Sysmon, Carbon Black, Tanium, Falcon, etc.
- Experience with Network IDS, protocols, filtering and packet capture devices, e.g. Snort, Suricata, NetWitness, Zeek (Bro), etc.
- Prior experience with Red Team/Blue Team and/or Purple Team exercises
- Experience with the Python programming language
What’s it like to work here?
We work hard. We are ambitious and set ourselves tough business goals. We are a meritocracy, where everyone has a voice - not a job title. Working with people you trust, respect and can collaborate with is more important than titles or position. Things move fast, and we want people who will enjoy working in this environment and feed off the energy. That being said, it isn’t all about work. Giving back is one of our core values, and there are many ways to get involved in philanthropic initiatives, from helping local school kids with their reading, to helping clean up local parks and waterways.
If this sounds like you:
Apply if you think we're a good match. We'll get in touch to let you know what the next steps are, but in the meantime feel free to have a look at this:
Bloomberg is an equal opportunities employer and we value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.