Job Summary

Analyze a large variety of data sets using cutting-edge security technologies to find patterns that will help to defend from the most advanced cyber threats. Build data product, perform statistical profiling, classification, clustering and predictive analysis to extract valuable information and build predictive models to help derive new insights to defend against cyber-attacks and also identification of unauthorized access or use of the system. Identify valuable data sources and automate collection processes, research and prototype new data modeling techniques to enhance the ability to identify and respond to threats.

Job Description

• Log collect Management  

- Config Log and Normalized Log on SIEM,UEBA system 

- Resolving issues as necessary on SIEM,UEBA system  

- Document procedures / Guideline Log Collection Management  

- Ensure complete log flow from various devices to the SIEM,UEBA system 

• Analyze and investigate Cybersecurity events 

-Perform analysis of log from a variety of sources and Creates detections based aligned to the MITRE ATT&CK Framework on the SIEM system.  

-Create rule for detect anomalies events on the SIEM system / review accuracy and tuning rule  

-Hunts for new threats and performs data analytics that might happen within the company. 

-Perform day-to-day analysis of logs to detect anomalies or events that could lead to incidents 

-Reviews  available logging to determine potential gaps in detection capabilities. 

-Review accuracy and tuning rule on the SIEM system  

-Reviews threat intel reports and feeds 

-Analyze User Behavior Entity / review accuracy and tuning risk score 

• Support 

-Perform other duties as assigned 

-Collect supporting information and/or relevant artifacts in support of IR Team 

-Document review User for Compliance system 

-Document standard operating procedures system prioritize 

-Renew MA