Cyber Threat Intelligence (CTI) Engineer

BCS is NETS’ wholly owned subsidiary, and is an entity within the NETS Group. It manages and operates clearing and payment infrastructure for the Singapore Automated Clearing House, including Fast And Secure Transfers (FAST), Inter-bank GIRO (IBG), Cheque Truncation System (CTS), and provides services for PayNow and SGQR Central Repository.

Position Summary

The CTI Engineer will focus on cyber security threat intelligence collection, analysis, threat hunting, and facilitating an intel-driven incident response. He/she will also leverage his/her security knowledge and experience in using a broad array of tools and techniques to identify, detect and respond to malicious activities.

The incumbent must be familiar with the Cyber Security Act 2018, Cybersecurity Code of Practice (CCoP), MAS Cyber Hygiene and Technology Risk Management Guidelines (TRMG).

Key Responsibilities

• Develop strategies through research, evaluating intelligence, studying patterns and trends.
• Develop, maintain, and enhance threat intelligence processes, procedures, frameworks, libraries, and services.
• Conduct collection & analysis of data, evaluating intelligence to identify patterns and trends with relation to our operating environments and technology stacks.
• Manage and finetune the threat intelligence sources with relation to our operating environments and technology stacks.
• Provide actionable intelligence to detection operations that proactively monitor systems for potential threats.
• Provide actionable intelligence to investigate security incidents and conduct data analysis based on findings.
• Proactive threat hunting and enacting identification, containment, and eradication measures while supporting recovery efforts.
• Conduct research and stay up to date on latest methods, tools, and trends in threat intelligence analysis.
• Apprise internal stakeholders of potential cyber threats by analyzing internal and external intelligence feeds.
• Prepare and present regular reports.
• Conduct threat modelling and threat hunting activities

Requirements

• Degree in Computer Science, Computer Engineering or Information Security related fields.
• At least 5 years’ working experience with at least 2-years in threat intelligence and threat hunting roles and the remaining in incident response, security operations and security engineering roles.
• Familiar with MAS Technology Risk Management Guidelines, MAS Cyber Hygiene Notice and Cybersecurity Code of Practice.
• In-depth knowledge of current operating environments (Microsoft, UNIX & Linux).
• Deep understanding and knowledge of networking, including TCP/IP, DNS, HTTP, SMTP.
• Knowledge of cyber threat intelligence processes and tradecraft.
• Knowledge of Advanced Persistent Threat (APT) actors and their Tactics, Techniques and Procedures (TTPs).
• Advanced understanding in the Lockheed Martin Cyber Kill Chain, STRIDE and MITRE ATT&CK framework.
• Working experience in using commercial and open-source research tools to support research and analysis.
• Experience with programming languages such as Python & PowerShell.
• Cloud experience/knowledge highly advantageous.
• A positive and growth mindset.
• Prepare and present regular reports.
• Exceptional written, verbal communication and presentation skills; must be comfortable with public speaking and presenting findings to others, including senior leadership.
• Certifications such as OSCP, GCTI, GCIA, GCIH are advantageous.

Banking Computer Services Pte Ltd (a subsidiary of Network for Electronic Transfers (Singapore) Pte Ltd)