The social, economic and environmental challenges of the new decade require new approaches to leadership and innovation. While technology moves at the speed of light and new creations abound, CYFIRMA ensures trust and sustainable growth go hand in hand.

As advisors and partners to clients all around the world, CYFIRMA’s vision is ambitious – we unravel cyber risks and threats so that organizations can innovate and create while ensuring a safe society for all.

At CYFIRMA, we are mavericks equipped with our domain expertise – we see cyber-intelligence in ways unlike others. We want to change how the world views, discovers and manages cybersecurity so that government and business are empowered to innovate at scale.

We are also collaborators, teaming across functions and geographies to deliver tangible value to all our stakeholders.

If you share our values of trust and sustainable growth, responsible leadership and innovation, let’s get in touch.

Job Openings

Job Requirement
  • 8-10 years in Cybersecurity practice
  • Bachelor's in Computer Science/IT or equivalent
  • Design, develop and implement cybersecurity functionalities and ecosystem solutions.
  • Effort Estimation, allocation and tracking of tasks.
  • Define cybersecurity and its ecosystem requirements and take the lead on operational and technical releases and enhancements.
  • Have excellent organization and problem-solving skills.
  • Hands-on experience in software development and agile methodologies
  • Manage the team and provide effective guidance. You will be responsible for supervising, managing and motivating team members on a daily basis.
  • Contact point for all team members, so your communication skills should be excellent.
  • Should be able to act proactively to ensure smooth team operations and effective collaboration.
  • Lead by setting a good example and engage the team to achieve goals.
Responsibilities
  • Develop high-quality cyber intelligence functionalities, software design and architecture
  • Identify, prioritize and execute tasks in the product release, enhancements and software development life cycle
  • Develop tools and applications by producing clean, efficient code, configuration and ecosystem
  • Automate tasks through appropriate tools and scripting
  • Review and debug code
  • Perform validation and verification testing
  • Collaborate with internal teams and vendors to fix and improve products
  • Document development phases and monitor systems
  • Ensure cybersecurity product is up to date with latest technologies
  • Create an inspiring team environment with an open communication culture
  • Delegate tasks and set deadlines
  • Oversee day-to-day operation
Required Skills
  • Expertise in Java and Spring
  • Expertise in RDBMS like MySQL
  • Expertise in MongoDB and Elasticsearch
  • Knowledge of AI and ML

Malware Researcher is a key role at CYFIRMA, working with clients’ CIRT and Threat Hunting functions. The Analyst’s responsibilities vary from day to day depending on external events and internal drivers for information and analysis. We are looking for an analyst with 2-5 years’ experience in cybersecurity practice with a Bachelor’s in computer science/IT or equivalent as well as security certification (either of GIAC – GREM, GCTI, CHFI, CEH, Security+ etc).

Responsibilities
  • Analyze security incidents (trojan, backdoor, rootkit, worm, ransomware) to answer who, what, why and how of a cyber attack
  • Reverse engineer malware samples to figure out attack mechanism, security risks, attacker motive and possibly – attacker identity
  • Understand unpacking, deobfuscation, and anti-debugging techniques
  • Investigate email crimes (such as phishing, spoofing, CEO fraud, Identity fraud) by analyzing email headers, tracing email origin and correlating findings with OSINT
  • Classify malware based on threats and commonalities
  • Collect, analyze, investigate, store, and disseminate indicators of compromise (IOCs) and threat intelligence
  • Produce well-written analyses and recommendations for threat detection and remediation
  • Keep up to date with latest malware outbreaks, exploits, and attack mechanisms
  • Participate in research and development of new methods and systems for malware analysis and cyber attribution
Required Skills
  • Hands-on experience in reverse engineering, including debuggers such as OllyDbg and disassemblers such as IDA Pro
  • Hands-on experience of dynamic analysis using tools such as Wireshark, Regshot, Process Monitor and Process Explorer
  • Working knowledge of file formats such as PE, PDF, SWF, etc.
  • IDS/IPS, SIEM and AV – an understanding of the tools/methods used to digitally secure a network
  • TCP/IP, computer networking, routing, and switching – an understanding of the fundamentals: protocols and functioning of the internet, operating systems, and applications
  • Familiarity with Python scripting is an advantage
  • Able to think critically to pass those exams and/or need prior security experience
  • Strong analytical skills
Job Brief

A seasoned analyst with 5-7 years’ experience in cybersecurity practice with a Bachelor’s in computer science/IT or equivalent security certification (either of GCTI, CHFI, CEH, Security+ etc).

Job Responsibilities
  • Discover and gather threat data from multiple sources using internal and external methodologies.
  • Develop a methodology for threat data mining to uncover the threat actors and threat vectors.
  • Maintain, develop, and continuously evaluate cyber, brand & threat intelligence/data sources
  • Maintain an understanding of the overall threat landscape (cyber, malware, botnets, phishing, DDoS, physical)
  • Collect, analyze, investigate, store, and disseminate indicators of compromise (IOCs), threat intelligence
  • Provide support to the Security Incident Response Team and SOC in the effective detection, analysis, and containment of attacks, as well as researching potential IOCs and linking to intelligence
  • Monitoring of security procedures and practices; recommend optimizations and improvements when gaps are identified
  • Stay up to date on ever growing attack mechanisms and exploits
  • Monitor Deep/Dark web forums (manually and with the help of proprietary technology) to find content infringement/data leak and malware signatures
  • You will interact with product team to create detailed product requirements
  • Working with security vendors to understand their solution offerings and advise clients on appropriate technologies
  • Facilitating use of technology-based tools or methodologies to review, design and/or implement product.
  • Incident response process and business process
  • Developing and implementing security posture
  • Developing Incident Response process intermingling with Business process
  • Contribute towards development of new solution and improvements to existing solutions
  • Review Cyber Security Threats on a real-time basis
  • Reviewing security-related events, assessing risk and validity, as well as reporting
Required Skills
  • Knowhow:
    • Security technologies i.e. perimeter, network, endpoint and data, TCP/IP, computer networking, routing and switching
    • IDS/IPS, SIEM and AV – understanding of tools used to digitally secure organization
    • ISO27001 assessment – specifications for a framework of policies and procedures that include all legal, physical and technical controls involved in an organization’s risk management
    • Knowledge of risk management, defense in depth, offensive vs defensive techniques, investigation skills
    • Researching, writing reports, proofreading presentations and articles, communication skills
    • Python, Elastic Search, scripting, Linux/Unix
    • Reverse Engineering malware, assembly language, Windows scripting
  • Should be able to comprehend and help define
    • Security Strategy / Governance, Risk & Compliance
    • Standards for IT Security
  • Experience in the following areas will be an added advantage
    • Content preparation, presentation, and assessing service offerings over competitors
    • Identify and inform about cyber security risks that apply to a business function
    • Cyber Network Defense & Security Intelligence
    • Experience in Authentication, Encryption, Digital signatures, Anti-virus, Firewall.
  • Strong verbal and writing skills. Able to demonstrate ability to write clear and concise text using good English and correct grammar.
  • Excellent analytical abilities and a strong ability to think critically
  • A self-driven individual contributor who can take initiatives to get things done

Threat Intelligence Analyst is a key role at CYFIRMA, which entails working closely with the Client Success Team in Japan. The analyst is expected to be self-driven with an excellent researcher mindset and doer attitude. The candidate should have 2-5 years’ experience with a Bachelor’s in Computer Science/IT or equivalent as well as security certifications SANS GIAC/GCTI/OSCP, EC Council CEH.

Job Responsibilities
  • Collecting information about Internet-based malware-related criminal activities, threat actors and their campaigns
  • Collecting information about the latest system/software vulnerabilities and exploits
  • Monitoring industry-specific threat trends, and translating them into actionable intelligence for Chief Risk Officer
  • Monitoring data breaches and compromises and deriving actionable intelligence
  • Leveraging advanced analysis techniques to detect social media abuse, brand impersonation and other reputational and security threats on digital/social media
  • Analyzing malware infection artifacts through static and dynamic analysis techniques, enriching the collected data points with external sources; performing threat research surrounding security incidents to identify context useful for detection, containment and response
Required Skills
  • Up to date knowledge of threat actors and their Tools, Techniques and Procedures; familiarity with MITRE ATT&CK Framework, MISP etc.
  • Continuously improve processes for enhancing threat detection
  • Knowledge and understanding of attack methodologies and countermeasures
  • Working Knowledge of security controls like IPS, WAF, Firewall, SIEM
  • Understanding of Enterprise IT infrastructure – Operating system, Active Directory, Proxy, Netflow, Packet capture, DNS, Email
  • Strong verbal and writing skills
  • Excellent analytical abilities and a strong ability to think critically when looking at risk
  • A self-driven individual who can take initiative to get things done on their own without waiting to be told