- Information Technology
- Singapore - Singapore
At Dyson, we demand the highest standard of performance from the technologies we engineer. Our people expect the same from the technology that supports them. We are a community that appreciates and advocates better engineering. A community of pioneers.
It’s no secret that our intellectual property is massively critical to our success. But how do we keep it from the prying eyes of the bad guys? Dyson’s Global Cyber Security department works effectively to keep our secrets secret and secure our crown jewels using advanced technologies to stay one step ahead of the game. We use pragmatic approach to transform cyber security to enhance our business resilience to better manage potential cyber disruption. We invest new cyber security capabilities and leverage our strong cyber security ecosystems to tackle future threats.
The Cyber Defence Team are the beating heart of Dyson’s Cyber Fusion Centre capabilities. They ensure Cyber Security incidents are managed timely and efficiently across all of our global locations.
About the roleYou'll be a part of our 24x7 Cyber Defence team provide. We are global team with presence in USA, UK, EU and APAC.
As a seasoned analyst you will perform alert monitoring, incident response, investigation and research on existing and emerging cyber threats. The position focuses on leveraging your understanding of the tactics, techniques, and procedures employed by advanced threats combined with intelligence from multiple sources to respond to a range of different and complex incidents.
You are the defenders of the Dyson network, the guardians or our secrets.
Experience and Accountabilities
Our Cyber Defence team is tasked with identifying and addressing threats to the business utilising a range of tools and technologies. The senior members of our Cyber Defence team are specialists in a number of areas with particular focus on network and endpoint forensic capabilities. We exist to ensure Dyson staff can innovate in a safe environment allowing Dyson to deliver exciting technology to the market before our competitors.
To be a Lead Cyber Defence Analyst at Dyson we would like candidates to demonstrate experience in:
- Delivering an enterprise level service where you have identified attacks, intrusions, unusual or illegal activity and acted in line with an incident management or response plan.
- Acting as a leader within a SOC environment, develop non-senior members of the team and challenge existing approaches with a view to delivering greater efficiency.
- Working in a close-knit team but with an ability to take the initiative to deliver innovative approaches.
- Own and author SOC playbooks, ensured they are followed and that they are regularly reviewed to identify better ways of working.
- Reviewing new technologies, working on proof of concepts and helping to decide the future technology stack of a SOC.
- Utilising a range of intelligence sources to hunt for threats across an infrastructure. Taking the lead in threat hunting and training junior members of the team to help them develop in to seasoned Cyber Defence Analysts.
- Identifying opportunities to automate response to alarms, helping to drive maximum efficiency in a SOC to ensure time and resource availability to identify the true threats.
- Staying up to date with current security trends, attack approaches, campaigns and APT groups with a view to utilizing that knowledge while identifying threats to the business.
We are looking for team members with an exceptional track-record of delivering security to a range of business types and sizes. You’ll bring the following:
- Expert knowledge and hands-on management of a SIEM/SOAR tools including the ability to analyse business practices, derive security use-cases and build alarm rules to cater to them.
- Strong knowledge of cyber threat hunting, advanced attack vectors and using cyber intelligence to proactively discover threat behavior.
- Strong knowledge in network and host-based security as a minimum as well as experience in web application security and client-server application security.
- Strong knowledge of approaches to exploiting Windows, Mac OS and Linux operating systems.
- Significant experience of utilizing a range of SOC technologies such as Endpoint Detection and Response tools (for example Carbon Black, Crowdstrike, Cybereason), Email Security Gateway (for example Symantec Email Security, Cisco Ironport), Web Security Proxy (for example Zscaler, Websense, Barracuda).
- Expert knowledge of a range of log types and headers with particular focus on email headers, IIS logs, AD logs etc.
- Practical knowledge of industry standard frameworks such as ISO 2700x, NIST, ITIL, etc.
- Experience of securing organisations in line with industry best practices such as CIS, SANs, OWASP, CSA.
- Knowledge of industry regulations such as PCI DSS, GDPR, China CSL, etc.
- Experience of a range of open source tools, technologies and sites for extending analysis capability (for example Wireshark, VirusTotal, Hybrid Analysis, Cuckoo, MISP etc.).
- Ability to translate and distil complex technical information across all levels of the organisation as required for the audience.
Our culture is unique. It's not easy or comfortable. It's certainly not for everyone, but if you thrive on challenge and are excited by change – it could be for you.
BenefitsDyson monitors the market to ensure competitive salaries and pension contributions. Beyond that, you’ll also enjoy a profit-related bonus, generous leave and life insurance. But financial benefits are only the start of a Dyson career. Rapid professional growth, leadership development and new opportunities abound, driven by regular reviews and dynamic workshops. And with a vibrant culture, flexible working hours, the latest devices and a relaxed dress code reflecting our engineering spirit, it’s an exciting team environment geared to creativity, innovation and ambition.#LI-DYSON
We are following the government guidelines regarding COVID19. At this time all interviews will be conducted via video or telephone. We’re taking these precautionary measures to protect both our employee and candidate wellbeing. Our Talent Acquisition team will work with you and provide further information as appropriate.