Job Description
Develop and maintain high-quality threat detection rules, queries, and alerts based on identified use cases, threat scenarios, and structured threat intelligence, including MITRE ATT&CK Tactics, Techniques and Procedures (TTPs).
Leverage the MITRE ATT&CK Framework and other forms of structured threat intelligence to enhance detection capabilities, develop contextualized alerts, and improve overall security posture.
Create and implement automated workflows and playbooks in tools such as Swimlane to enhance incident response capabilities and streamline security operations.
Continuously research and stay up to date with the latest cyber threats, attack vectors, and methodologies to improve detection capabilities.
Collaborate closely with cross-functional teams, including Security Operations Center (SOC) analysts, Incident Responders and Threat Intelligence researchers to understand and respond to emerging threats.
Evaluate and recommend new security tools, techniques, and processes to enhance the organization's threat detection and response capabilities.
Participate in incident response activities and provide subject matter expertise when required.
Develop and maintain documentation related to threat detection and automation processes and procedures aligning to leading practices.
Provide training and guidance to team members to enhance their understanding of threat detection methodologies, automation techniques, and structured threat intelligence.
Qualifications
Prior experience in SIEM content development (LogRhythm, Splunk, QRadar, McAfee ESM, or similar SIEM platform), Splunk preferred.
More than 3 years of information security experience, preferably engineering or development.
More than 1 year of experience supporting a SIEM platform in a content development or administrative role.
More than 2 years of experience performing SOC analysis and/or incident response.
Ability to effectively communicate with anyone, from end users to senior leadership, facilitating technical and non-technical conversations.
Deep understanding of technical concepts including networking and various cyber attacks.
Solid comprehension of various security controls, their capabilities and their use in a corporate environment.
Scripting (Python is preferred, but most any programming knowledge will be sufficient if the engineer is willing to learn Python).
Demonstrated history of innovation and/or creativity.
Ability to drive process improvements and identify gaps.
Ability to excel in a team, as an individual, in a fast-paced, deadline-driven organization.
Additional Information
Our uniqueness is that we truly value yours.
Experian Asia Pacific's culture, people, flexibility and environments are key differentiators.
We take our people and equal opportunity agenda very seriously.
We focus on what truly matters: DEI, work/life balance, development, authenticity, engagement, collaboration, wellness, reward & recognition, volunteering... the list goes on.
We're an award-winning organisation due to our strong people focus (Great Place To Work, Top Employer and Employer of Choice).
Experian Asia Pacific leverages cutting edge data science, inclusion and start-up mindsets to build tomorrow's credit solutions.
Innovation is a critical part of Experian's DNA and practices.
As is our diverse workforce, which drives our success.
Everyone can succeed at Experian, irrespective of their gender, ethnicity, colour, sexuality, physical ability or age.
If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.
Experian Careers - Creating a better tomorrow together