Work with team members to ensure smooth daily operations and task prioritisation
Work with team members and stakeholders to ensure timely response to cybersecurity incidents, from containment through closure
Investigate cybersecurity incidents to determine root cause, using log analysis, digital forensic analysis and malware analysis
Assess cybersecurity threats, vulnerabilities and exploits to provide strong technical guidance to investigations and threat assessments. Recommend preventive actions and mitigations against the techniques used in an incident
Recommend threat detection rules and signatures (e.g., Snort, YARA, Sigma) for cyber incidents or campaigns
Prepare and review incident reports to update stakeholders. Present incident briefings covering the attack techniques and malware behaviours observed, risk and impact, and answer enquiries from various stakeholders
Review and update incident response playbooks and maintain the related processes
Maintain situational awareness by keeping current with cybersecurity trends, threats and attackers' Tactics, Techniques and Procedures (TTPs)
[What we are looking for]
Background in Information Security; or Bachelor's degree in engineering/Computer Science/Information Security or equivalent
5 years or more related work experience in cyber security incident investigations or digital forensics
Relevant professional certifications, such as GIAC GCFA, GREM, GCFE or GCIH
Proficiency in forensic toolkits such as Magnet AXIOM, EnCase, X-Ways, FTK or Autopsy
Experience working in a Security Operations Centre (SOC) is advantageous