Key Words: Digital Forensics, Incident Response, Incident Investigation, Forensic Analysis, MITRE ATT&CK framework
Role: DFIR Lead
Industry: Public Sector, Security
Function: Incident Response, Incident Investigations, Forensic, Strategy
About Our Client
Our client is an influential organization working on critical projects across various industry domains. They provide successful candidates with opportunities to learn and grow their skills and experience in a supportive and dynamic environment with aggressive growth plans and long-term job security, using the latest technology innovations.
About the DFIR Lead
Our client deals only with critical and high-severity incidents, so you will be required to facilitate/oversee an orderly and efficient response to cyber incidents and conduct forensic analysis on endpoints and network logs to support the investigations.
You will lead a small team of digital forensics professionals in the Cyber Response Centre. You will perform correlation across forensics and malware investigations to understand the attacker’s objectives.
- Drive both host and network-based forensic investigation
- Analyse attack trends and assess the impact of large-scale cyber-incidents on Singapore
- Report the progress of investigations to various stakeholders
- Explore new cybersecurity technologies and develop new capabilities with the team
- Contain a cyberattack or network intrusion
- Recommend technical measures to protect the victim’s data, its network, and intellectual properties
- Kick a stealthy adversary out of the network
- Guide the victim out of the situation towards recovery mode
- Provide constant updates and coordinate situation reporting back to senior management
- Manage a team of analysts to conduct digital forensics investigations back in the laboratory
- Determine the root cause of the incident and the initial point of intrusion
- Determine the tactics, techniques, and procedures of the attacker(s) and their capabilities
- Trace the attacker’s lateral movement path and attribute their motive
Please note: Interested Applicants must be able to work in Singapore
- Bachelor’s degree preferably in Information Technology, Computer Security, Computer Science, or any other relevant fields.
- At least 8 years of solid experience in security roles, with a focus on cyber defense such as: Digital Forensics, Cyber Incident Response, SOC, Malware Analysis.
- Expertise/experience in digital forensics; relevant professional certifications will be an advantage.
- Understanding of cyber kill chain and MITRE ATT&CK framework
- Able to lead and work as a team player
- Good writing and communication skills
- Good understanding of operating systems such as Windows and Linux.
- Able to perform forensic analysis across Windows, Mac, and Linux platforms.
- Ability to analyse network and application logs.
- Professional certifications such as: EnCase Certified Examiner, AccessData Certified Examiner, SANS GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensic Analyst (GNFA), GIAC Certified Incident Handler (GCIH), GIAC Certified Enterprise Defender (GCED), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Detection Analyst (GCDA), GIAC Cyber Threat Intelligence (GCTI), GIAC Reverse Engineering Malware (GREM), GIAC Security Expert (GSE)
If you are interested in learning more about the above job role or any other job opportunities, please apply to this job advertisement or alternatively contact the following consultant:
SearchElect Pte. Ltd. adheres to the Singapore Ministry of Manpower Tripartite guidelines on Non-Discriminatory Job Advertisements, about which you can find more information HERE. If you feel any part of this job advertisement is discriminatory, please raise it to our attention immediately via email@example.com. We take these matters seriously and thank you for your cooperation.