Cyber Security Engineer (DFIR) - AVP

TECHKNOWLEDGEY PTE. LTD.
Overall Function:
You will focus on cyber security anomaly hunting, digital forensics and incident response (DFIR), leveraging your security knowledge and experience in using a broad array of tools and techniques to detect and respond to malicious activities. You are familiar with the Cyber Security Act 2018, Cybersecurity Code of Practice (CCoP), MAS Hygiene and Technology Risk Management Guidelines (TRMG). You will work in a highly collaborative environment with cross-functional teams.
Key Responsibilities:
• Conducting research & analyzing data and evaluating intelligence; identifying patterns and trends and developing appropriate strategies
• Conduct hunting for threats and enacting identification, containment, and eradication measures while supporting recovery efforts
• Conducting research and staying up to date regarding the latest methods, tools, and trends in digital forensics analysis
• Receive Tier 2/3 incident escalation from detection operations and assist with real-time, continuous (24x7) security event monitoring, response, and reporting
• Conducting forensic investigations, both internally and externally; Collecting, preserving and analyzing data and digital evidence
• Performing forensic examinations on electronic devices, including laptop and desktop computers, servers, and mobile devices; preserving and analyzing data obtained from examinations
• Writing and presenting routine reports
• Conducting vulnerability assessments, analysing scan results, and identifying security weaknesses in systems and applications. This includes collaborating with IT teams to prioritise and remediate identified vulnerabilities, tracking remediation progress, and ensuring that systems are patched and updated to mitigate potential security risks
• Prepare detailed reports documenting findings from digital forensic investigations and incident response activities, including technical analysis, root cause analysis, and remediation recommendations.
• Collaborating with cross-functional teams, including IT security, legal, LOD2, Human Capital Management, to support investigations and ensure alignment with organizational goals and objectives
• Sharing knowledge and conducting exercises with team members through training sessions, workshops and documentation
Requirements:
• Degree in Computer Science, Computer Engineering or Information Security related fields
• At least 5 years' working experience, with at least 2 years in incident response and digital forensics, security operations and security engineering roles
• A positive and growth mindset, with excellent analytical and problem-solving skills, with the ability to investigate complex security incidents and identify root causes.
• Ability to work effectively in a fast-paced environment, independently and as part of a team
• Familiar with MAS Technology Risk Management Guidelines, MAS Cyber Hygiene Notice and Cybersecurity Code of Practice
• In-depth knowledge of current operating environments (Microsoft, UNIX & Linux).
• Advanced understanding of the Lockheed Martin Cyber Kill Chain, STRIDE and MITRE ATT&CK frameworks
• Working experience in using commercial and open-source research tools to support research and analysis
• Experience with tools like Autopsy, Belkasoft RAM Capturer/DumpIt/Comae Memory Toolkit, EnCase, FTK, Volatility, Wireshark
• Experience with programming languages such as Python & PowerShell
• Cloud experience/knowledge highly advantageous
• Exceptional written, verbal communication and presentation skills; must be comfortable with public speaking and presenting findings to others, including senior leadership
• Certifications such as OSCP, GPEN, GCIA, GCIH, GCFA, GCFE, GCNFA or GREM are highly desirable
JOB SUMMARY
Singapore
7 days ago
Full-time