Location: Singapore, Singapore
Role Overview:
In this managerial / senior consultant to manager track role, the focus will be on leading investigations into complex cybersecurity incidents, with a particular emphasis on cyber forensics (CFIR) and digital forensics (DFIR). The ideal candidate will be responsible for crafting and executing incident response strategies tailored to client needs while ensuring compliance with regulatory standards. This position involves overseeing cross-functional teams to conduct thorough forensic analyses, identify root causes, and implement measures to mitigate future risks.
Key Responsibilities:
- Develop Cyber Incident Strategies: Work collaboratively with clients to design effective cyber incident strategies, evaluate vulnerabilities, and conduct exercises that enhance response and recovery capabilities.
- Lead Advanced Investigations: Direct investigations into sophisticated cyber incidents such as malware attacks, data breaches, and denial of service incidents. This includes collecting and analyzing digital evidence to reconstruct events and identify responsible parties.
- Provide Expert Consultation: Deliver specialized guidance on managing cyber incidents, conducting forensic analyses, and implementing best practices in incident response.
- Oversee Triage and Investigations: Manage the triage process and detailed investigations of significant cyber incidents across diverse environments, including cloud, traditional, and hybrid systems. Employ advanced forensic techniques to ensure the integrity of evidence.
- Execute Incident Response Functions: Carry out host-based analytical tasks such as digital forensics, metadata analysis, and malware examination on various operating systems (Windows, Unix, Mac OS X) to identify Indicators of Compromise (IOCs) and understand Tactics, Techniques, and Procedures (TTPs).
- Establish and Monitor Metrics: Create metrics based on the MITRE ATT&CK Framework and other security models to assess the effectiveness of incident response initiatives.
- Engage with Stakeholders: Collaborate with application and infrastructure teams to pinpoint critical components and information sources including servers, workstations, middleware, applications, databases, and logs.
- Participate in Incident Response Activities: Actively engage in incident response efforts using forensic tools and customized methodologies to detect threats and mitigate risks. Ensure compliance with legal standards to maintain the admissibility of evidence.
- Promote Leadership Development: Encourage the growth of high-performing teams by providing development opportunities while fostering collaboration and delivering exceptional value to stakeholders.
Qualifications:
- A Bachelor’s degree in a relevant field along with approximately 5 years or more of related experience.
- One or more GIAC certifications (e.g., GCFE, GCFA) or equivalent qualifications in digital forensics or incident response.
- At least 3 years of hands-on experience in cyber incident response within medium to large organizations that incorporate cloud and forensic elements.
- Proficiency with forensic tools such as EnCase Forensic, AccessData FTK, and Splunk.
- Familiarity with programming languages including Python, JavaScript, PHP, and SQL.
- Experience in malware analysis and a solid understanding of attack techniques.
- Knowledge of enterprise logging solutions for data manipulation.
- Practical experience in DevSecOps within cloud environments including storage and monitoring services.
- Experience with containerization technologies like Docker or Kubernetes.
If you are interested in this position or other cyber security positions, kindly apply with your updated CV or send it to Shannagh Wu at [email protected]
Reg No. R23112660
BeathChapman Pte Ltd
Licence no. 16S8112