[What the role is]
[What you will be working on]
- Work with team members to ensure smooth daily operations and task prioritisation
- Work with team members and stakeholders to ensure timely response to cybersecurity incidents, from containment through to closure
- Investigate cybersecurity incidents to determine root cause, involving log and digital forensic analysis or malware analysis
- Assess cybersecurity threats, vulnerabilities and exploits to provide strong technical guidance for investigations and threat assessments. Recommend preventive actions and mitigations against the techniques used in incidents
- Recommend threat detection rules and signatures (e.g., Snort, YARA, Sigma) against cyber incidents or campaigns
- Prepare and review incident reports to update stakeholders. Present incident briefings covering attack techniques and malware behaviours observed, risk and impact, and answer enquiries from various stakeholders
- Review and update incident response playbooks and maintain processes
- Maintain situational awareness by keeping current with cybersecurity trends, threats and attackers' Tactics, Techniques and Procedures (TTPs)
[What we are looking for]
- Background in Information Security, or a Bachelor's degree in Engineering, Computer Science, Information Security or equivalent
- 5 or more years of related work experience in cybersecurity incident investigations or digital forensics
- Relevant professional certifications, including GIAC GCFA, GREM, GCFE, GCIH
- Proficiency in forensic toolkits such as Magnet AXIOM, EnCase, X-Ways, FTK or Autopsy
- Experience working in a Security Operation Centre (SOC) is advantageous
- Analytical and detail-oriented
- Good communication and interpersonal skills
- Willingness to learn