TL;DR
Lead Engineer (Cybersecurity): Conduct proactive threat hunting and incident investigation, developing and managing Cyber Threat Intelligence with an emphasis on applying structured methodologies such as MITRE ATT&CK and leveraging EDR/SIEM tools. Focus on deep technical analysis of adversary tactics, automating processes, and improving overall security operations.
Location: Singapore
Company
hirify.global is a global company providing Software and Digital Engineering solutions across various domains including Cloud Services, Product Engineering, Data & Analytics, and Cybersecurity.
What you will do
- Conduct proactive threat hunting activities across various environments (endpoints, networks, cloud).
- Develop and maintain threat hunting hypotheses based on current threat intelligence and organizational risk assessments.
- Develop custom scripts and tools to automate threat hunting processes and improve efficiency.
- Analyze security logs, network traffic, and endpoint data to identify malicious activity and investigate security incidents.
- Develop and manage Cyber Threat Intelligence, staying up to date on the latest threat landscape and mapping adversary behaviors to ATT&CK techniques.
- Contribute to the development and improvement of threat hunting strategies, processes, and playbooks.
Requirements
- Deep technical knowledge of adversary tactics, malware analysis, intrusion detection, and cloud security.
- Familiarity with EDR/XDR solutions, SIEM platforms, data pipelines, and threat hunting tooling.
- Ability to apply structured threat hunting methodologies leveraging frameworks such as MITRE ATT&CK.
- Strong analytical skills to identify malicious activity and provide detailed reports on findings.
- Ability to present findings and recommendations to technical and executive audiences.
- English: B2 required
Culture & Benefits
- Work for a global company offering diverse Software and Digital Engineering solutions.
- Commitment to hiring professionals based solely on their skills.
- Opportunity to contribute to the continuous improvement and maturing of security operations.
- Collaborate with other security teams (incident response, vulnerability management) to share threat intelligence.