AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals and minerals – safely, efficiently and more sustainably.
We’re the first software business in the world to have our sustainability targets validated by the SBTi, and we’ve been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We’ve also recently been named as one of the world’s most innovative companies.
If you’re a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers.
For more information about our privacy policy and how to manage cookies, visit our Privacy Policy.
Job Title: Cyber Security Threat Hunter
Location: Kuala Lumpur, Malaysia
Employment Type: Full time, regular (hybrid work arrangements)
The job
The Cyber Security Threat Hunter will assist Cyber Threat Hunter Manager, Head of Cyber Threat Intelligence & Hunting, work closely with other Cyber Security Threat Hunters, Cyber Threat Intelligence Team, DFIR Team, Red Team, and Digital Security team to proactively hunt & mitigate Cyber Security known and unknown threats used by the Threat Actors.
Cyber Security Threat Hunter focused on both proactive and reactive cyber threat hunting operations across AVEVA networks to continuously identify and disrupt the adversary while consistently improving detection capability and efficiency for the AVEVA’s security solution controls.
Key responsibilities
Assist on identifying and tracking threat actor groups of their techniques, tools, and procedures (TTPs) while maintaining current knowledge of tools and best practices of Advanced Persistent Threats (APT)
Perform proactive and reactive cyber threat hunting activity using cyber threat intelligence data, analysis of anomalous log data, and results of collaborative brainstorming sessions to detect and eradicate threats.
Use the MITRE ATT&CK framework to analyze malicious campaigns and evaluate the effectiveness of security technologies.
Assist and collaborate with Cyber Threat Hunter Manager on researching and contributes to provide world class security techniques and automation for internal use that enable the team to operate at high speed and broad scale
Assist Cyber Threat Hunter Manager to collaborate with AVEVA’s Cyber Security Threat Intelligence Team on the cyber threat Intelligence feeds and solutions to identify threats, prioritize, recommend countermeasures, and perform advanced network & host analysis in the event of a compromise
Collaborate with Cyber Threat Hunter Manager to determine true threats, false positives and network system misconfigurations and provide recommendation and solutions to issues detected in a timely manner
Support Cyber Threat Hunter Manager on development and socialisation of the end-to-end framework and processes for the management of cyber threat hunting services across the group.
Support on collaborating with internal security teams, security programs and 3rd party to provide data driven insights into existing and emerging threats
Support cyber threat intelligence team to provide threat informed defenses to improve the prioritization of preventative controls and mitigations to improve defenses of AVEVA
Support Cyber Threat Hunter Manager to engaged and collaborate with Red Team to analyze and evaluate the effectiveness of existing security controls against identified TTPs
Provide support to DFIR Team on internal security incidents by performing reactive cyber threat hunting activity during investigations and building a common understanding of cyber threat activities
Proactively identifying, investigating, and provide support on hunting the potential attacks and security risks on AVEVA networks and systems using various platform dashboards and cyber threat feeds
Develop operations processes, procedures, and checklist documentations, such as cyber threat hunting process, playbooks, and guidelines
Support in incident response activity from cyber threat hunter perspective using AVEVA defined Security Incident Response framework such as NIST
Reports to Cyber Threat Hunter Manager and Head of Cyber Threat Intelligence & Hunting on concerning security events, incident trends, residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance
Works with DFIR Team and any required partners/business functions such as R&D to resolve security events, incidents, and service requests from cyber threat hunting perspective
Ensures compliance of security processes and procedures and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained
Provide insight on cyber threat Intelligence security advisories, blogs, and other communication channels on current and emerging security threats to AVEVA assets and people via the security awareness programme
Operate cyber threat hunting reporting service against defined schedule and agreed reporting templates
Be available to provide reactive support to critical security incidents outside standard business hours as part of a rotation
Additional Duties
Under the guidance of Cyber Threat Hunter Manager
Assist with control improvements to identify control weaknesses and contributes to threat advisories
Participates in security investigations and compliance reviews, as requested by internal or external team
Maintain awareness of applicable regulatory standards, upstream risks, and industry leading security practices
Provide feedback and recommendations on existing and new security tools and techniques for the improvement of analysis, hunting, incident investigation and security controls
Participate in incident response tabletop exercises and simulations to refine threat hunting and incident response procedures
Provide input into the organization's cybersecurity strategy based on threat hunting insights and findings
Assist in the development and implementation of threat detection use cases within security tools
Desired skills (Occupational personality)
Strong analytical thinking skills with strong written and verbal communication and a good attention to detail
Ability to work both independently and collaboratively as a team member, be curious and to ask questions
Ability to interact with AVEVA's personnel at all levels and across all business units and organizations, and to understand business objectives and values
A strong internal client focus, with the ability to manage expectations appropriately, to provide a superior internal client experience and build long-term relationships
Passionate about security, with a keenness to develop own skills and knowledge outside of working environment
Confident in recording and presenting key findings and conclusions to different levels of the business
AVEVA requires all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria.
AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business.
Come and join AVEVA to create the transformative technology that enables our customers to engineer a better world.