Job Description

[What the role is]

[What you will be working on]

• Work with team members to ensure smooth daily operations and tasks prioritisation
• Work with team members and stakeholders to ensure timely response to cybersecurity incident from containment till closure
• Investigate cybersecurity incidents to determine root cause, involving log and digital forensic analysis or malware analysis
• Assess cybersecurity threats, vulnerabilities and exploits to provide strong technical guidance to investigation and threat assessments. Recommend preventive actions and mitigations against techniques used in incident
• Recommend threat detections rules, signatures (e.g., Snort, Yara, Sigma) against cyber incidents or campaigns
• Prepare and review incident reports to update stakeholders. Present incident briefings including attack techniques and malware behaviours observed, risk, impact and answer enquiries from various stakeholders
• Review and update incident response playbooks and maintain processes
• Maintain situational awareness by keeping current with cyber security trends, threats and attackers Tactics, Techniques and Procedures (TTPs)

[What we are looking for]

• Background in Information Security; or Bachelor’s degree in engineering/Computer Science/Information Security or equivalent
• 5 years or more related work experience in cyber security incident investigations or digital forensics
• Relevant professional certifications, including GIAC GCFA, GREM, GCFE, GCIH
• Proficiency in Forensic toolkits such as Magnet AXIOM, Encase, X-Ways, FTK or Autopsy
• Experience working in a Security Operation Centre (SOC) is advantageous
• Analytical and detailed
• Good communication and interpersonal skills
• Willingness to learn