CYFIRMA is a threat discovery and cyber-intelligence platform company. The company’s flagship product, DeCYFIR, arms governments and businesses with personalized intelligence where insights are tailored to their industry, geography and technology. DeCYFIR provides clients with multi-layered intelligence covering strategic, management and operational insights. DeCYFIR’s ability to combine cyber-intelligence with attack surface discovery, vulnerability intelligence, brand intelligence, situational awareness and digital risk protection sets it apart from the competition. Clients receive insights that will enable them to conduct effective intelligence hunting and attribution, connecting the dots between hacker, motive, campaign and method to gain a comprehensive view of their threat landscape.
With DeCYFIR, clients receive early warnings of impending cyberattacks so they can act quickly to avoid a breach. DeCYFIR is designed to meet the stringent demands of CISOs, CROs, and Security Operations teams.
CYFIRMA is headquartered in Singapore with offices in Japan, India, and the US. The company is funded by Goldman Sachs, Zodius Capital, and Z3 Partners.
We are now seeking a Vice President of Threat Intelligence. The successful candidate will be a subject matter expert with hands-on experience in Cyber Security Research, Cyber Threat Intelligence, APT/Crimeware analysis, Malware Analysis, Monitoring & Incident Response, Cyber Risk Assessment, Cyber Vulnerability Analytics, Cyber Consulting, and Cyber service/delivery management. The role functions as part of our research team but often will work independently. The successful candidate can be based in Singapore or work remotely.
Responsibilities
- Conduct deep research on nation-state threat actors, campaigns, and malware from both public and dark/deep web sources to generate predictive and relevant threat intelligence for clients
- Draw risk scenarios and recommended actions based on the threat landscape to help clients consume threat intelligence information
- Present research findings, reports, advisories in both public conferences/seminars/blogs/etc. and private client meetings
- Collaborate with international teams to improve research and service operations, and service platform development
- Review post technical analysis reports helping translate findings into user stories
- Responsible for the development, implementation, communication, maintenance, and governance of Cyber Research services wrapped around the in-house Threat discovery, Cyber Intelligence and Digital Risk discovery products
- Working as part of the research team, you will be the trusted adviser for Cyber Security and threat intelligence expertise, pro-actively providing hands-on guidance to in-house and client teams
- Develop, embed, and manage a world-class Cyber Research and Cyber Threat Intelligence team
- Define and maintain the Cyber Research and Cyber Threat Intelligence framework for the organization and its clients
- Lead and drive initiatives to enhance and build new Cyber Research and Cyber Threat Intelligence capabilities
- Responsible for facilitating the use of technology-based tools and methodologies to review, design and/or implement products and services meant for the Cyber Research team – Projects and BAU initiatives
- Analyze and review cyber security threats on a real-time basis such that our effectiveness in identifying and better correlating risk and threats continuously improves
- Enable a constant review of any cybersecurity-related event, assessing their risk and validity before reporting
- Manage delivery and operations of Cyber Research, Cyber Threat Intelligence solutions, services, and architectures
- Define and implement enhanced detection and protection capabilities leveraging IOCs propagation in the in-house Threat discovery and Cyber Intelligence Platform
- Support the automation and contextualization of Cyber Alerts, leveraging the in-house Threat discovery and Cyber Intelligence Platform
- Participate in developing cyber security architecture, roadmaps, strategies, business cases and remediation plans
- Define and manage Cyber Research and Threat Intelligence service / operational requirements, SLAs, SOPs
- Test and provide inputs to continuously enhance the services provided using the in-house Threat discovery and Cyber Intelligence Platform
- Responsible for preparing and presenting security solutions upgrade analysis and feasibility to clients
- Establish Cyber Risk Assessment procedures
- Develop and execute Cyber Incident response process utilizing the in-house Threat discovery and Cyber Intelligence Platform, managing interconnections with impacted business process
- Perform advanced log analysis, forensics, malware analysis, and other IR-related activities as needed
- Enhance the quality of incident analytics by analyzing network traffic to assist in generating new attack signatures
- Assessment, setup, and implementation of controls, processes, and procedures to plug the gaps in an organization’s cybersecurity posture
- Advise organizations on the best practices and selection of the appropriate security controls
Requirements
- Threat Intelligence, Security Monitoring, Triage and Incident Response functions
- Advanced Persistent Threats and Attack tools, techniques, and methods
- Cyber Network Defense & Security Intelligence
- Cybersecurity Strategy / Governance, Risk, Assessment & Compliance
- Cyber Risk assessment and management, defense in depth, offensive vs defensive techniques, investigation skills
- Forensic analysis, Malware research or EDR/SIEM event analysis (tier 2 or higher)
- Security technologies such as perimeter, TCP/IP, computer networking, routing, and switching, endpoint and data
- Penetration testing services and techniques
- Consulting – Cybersecurity and threat intelligence
- Authentication, Encryption, Digital signatures, Anti-virus, Firewall
- OSINT or paid/private security analysis tools such as Shodan, Censys, BinaryEdge, SpiderFoot, DomainTools, VirusTotal, Hybrid Analysis, EDR, SIEM, IDS/IPS, AV, etc.
- ISO27001 assessment – specifications for a framework of policies and procedures that include all legal, physical and technical controls involved in an organization’s risk management
- Standards for IT Security
- Proven capability to create and improve the strategy for cyber threat intelligence research, process automation, knowledge sharing, and training other members
- Expert capability to design and write scripts/programs from scratch using at least one programming language such as Python, Perl, Ruby, PHP, JavaScript, C, C++, C#, etc.
- Experienced individual with the ability to write and present technical documents/blogs/reports/papers in both public conferences and private client meetings
- Flexible mindset and strong willingness to assist the other teams including pre-sales, partner alliances, marketing, customer success, product management, delivery and operations, etc. in Singapore, Japan, India, US, SEA and other geographies
- Excellent analytical abilities and a strong ability to think critically
- A self-driven individual contributor who can take initiatives to get things done, drive/manage the team
- Strong verbal and writing skills
- Fluent English in reading, writing, and speaking
Qualifications
- Master’s in computer science/information technology
- Degree in Cyber / Information Security, Cyber Forensics or equivalent
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- CISSP-ISSAP
- Certified The Open Group Architecture Framework (TOGAF)
- Certified GIAC Cyber Threat Intelligence (GCTI)
- CREST Certified Threat Intelligence Manager
- Certified EC-Council Computer Hacking Forensics Investigator (CHFI)
- Certified GIAC Certified Incident Handler (GCIH)
- Certified GIAC Reverse Engineering Malware (GREM)
- GIAC Certified Forensic Analyst (GCFA)
- Relevant Experience: 7 – 15 Years.
If you have the skills, join our fast-growing team to build one of the world’s most advanced cyber-intelligence platforms. Send your details to [email protected] today.