• Competitive
  • Singapore, Singapore
  • Permanent contract, Full-time
  • OCBC Bank
  • 2018-12-18

Cyber Forensics & Incident Response

  • Perform Cyber Threat Hunting on a daily basis.
  • Identify, design and develop new cyber threat hunting rules and use cases.
  • Identify weaknesses in cyber defence tools (e.g. testing of new exploit POC) and recommend mitigation measures.
  • Perform breach investigation and digital forensics during an escalation / incident.
  • Help determine the extent of the compromise, the attributes of any malware involved and what data may have been exfiltrated; describe the details of an incident accurately.
  • Develop forensic and investigative reports.
  • Develop and manage breach investigation and forensics programs.
  • Develop and manage current knowledge of tools and best-practices in breach investigation and forensics.
  • Manage external breach retainer service provider in delivering their services.
  • Manage malware analysis lab environment.
  • Support the team for other cyber defence related matters.


Qualifications
  • At least 5 years of experience in cyber security fields.
  • Knowledge of the various attack phases and the kill chain methodology.
  • Knowledge of the latest cyber attack tactics and techniques used by adversaries.
  • Experience in host, network and mobile forensics and breach intrusion investigation.
  • Experience in malware analysis.
  • One or more of the following technical certifications: GIAC certifications such as GCIH, GCFA or GREM, or equivalent.
  • Able to make decisions on remediation and propose countermeasures in support of breach intrusion remediation.
  • Experience in performing live response on systems in support of breach intrusion investigation
  • Experience in performing complete forensic duplication of the systems.
  • Expertise in analysis of TCP/IP network communication protocols
  • Experience conducting analysis of electronic media, packet capture, log data and network devices in support of breach intrusion analysis.
  • Experience in computer exploitation tactics, techniques and procedures
  • Experience in analysing malware: identifying packers and compilers, reviewing PE file structure, carving and examining recovered data, researching interesting strings, disassembling and performing detailed reverse engineering on malware samples.
  • Experience in forensics and investigative report writing that can withstand legal scrutiny.
  • Experience in live response and forensics tools and methodology.
  • Experience in scripting language such as Python or other scripting languages.
  • Experience in deploying forensics toolkit to support intrusion investigation
  • Experience in maintaining chain of custody for all electronic media acquired, in accordance with existing regulations.
  • Experience in conducting breach investigation and forensics in a cloud environment.
  • Experience in developing and maintaining cyber threat investigation toolset and lab.
  • Hands-on and a self-starter, and comfortable dealing with multiple stakeholders in a fast-paced environment