Kindly note that Jobline will be offline for maintenance on this Friday (May 14, 2021) from 5:00 PM to 9:00 PM.

Responsibilities

  • Being on standby for 24/7 to execute the incident response process according to the incident response standard operating procedure, and to work closely with the client Threat Hunting team to effectively scope and contain incidents;
  • Conducting research and continuously improving investigative methodologies and techniques, including hard disk drive, network, and memory forensics and investigating systems for malware and reverse engineering malware;
  • Conducting and documenting research on client and the In-Scope Institution to better understand the environment, as well as researching and documenting critical services and systems. Incident response toolkits shall be regularly tested on identified critical services and systems;
  • Regularly conducting meetings with Client to improve the incident response plan and associated documentation, run through table-top dry runs to drill all parties in responding effectively, present the latest threats, attacks and gaps in the In-Scope Institution’s environment and work out how to improve the incident response procedures to match industry standards;
  • Creating and maintaining procedures for utilising the EDR and NDR tools;
  • Taking part in regular red/blue team exercises.

Requirements

  • At least 2 years of experience in hard disk drive, memory and network traffic acquisition and analysis;
  • Relevant training on the proposed products, and has obtained professional certification such as GIAC Information Assurance Certified Incident Handler (GCIH) or equivalent;
  • Good interpersonal skills and strong communication skills.