Senior Cybersecurity Incident Response Specialist

Job Description

The candidate will report to Head (CSIRT) and assist in responding to security incidents in an IT environment, such as investigate causes of intrusion, attack, loss or breach occurring in an organisation. You will identify and define cyber threats and root causes. You will require to develop reports that detail incident timeline, evidence, findings, conclusions and recommendations. In response to incident, you are responsible for managing cyber incidents and resolving the incidents in a timely manner. This includes preparation of reports, communication of findings to senior stakeholders, and recommendation of corrective actions to prevent and mitigate internal control failures. You are required to be on standby with on-call availability with varied shifts including nights, weekends, and holidays. You are required to be familiarised with industrial cyber security standards, protocols, frameworks and have good knowledge in using various cyber security tools and techniques to resolve incidents.

Responsibilities:

1. Develop and implement cyber incident response strategy

Develop approaches to combat cyber threats and mitigate risks to information systems assets
Develop guidelines to perform incident response strategies and policies
Implement processes and guidelines to perform incident response protocols, analyses data, and create incident reports
Implement mechanisms to improve cyber security measures and incident response times
Develop incident handling processes, standard operating procedures, playbooks and runbooks
Identify and develop workflows supported with technology to automate repetitive manual tasks

2. Manage cyber security incidents

Communicate and escalate security activities to leadership
Handle responses to cyber security incidents
Lead the recovery of contained cyber security incidents, following established processes and policies
Utilize appropriate cyber incident management techniques to resolve challenges

3. Oversee cyber threat analysis

Collect, analyze and store cyber threat intelligence information
Analyze past cyber-attacks to draw insights and implications on the organization
Recommend ways to enhance the resilience and security of IT systems
Propose mitigation techniques and countermeasures to ensure cyber threats are kept at a minimum

Job Requirement

Qualifications

Bachelor’s degree in computer science or related field, or a similar field. Ideally, you have completed or are about to complete a Security certification (e.g. Security+, GCIA, GCIH, CISSP)

Experiences in following areas:

1. Cyber Forensics

Able to coordinate the collection and preservation of evidence and analyse forensic evidence to draw inferences.
Experience with one or more scripting languages (PowerShell, Python, Bash, etc.)

2. Cyber and Data Breach Incident Management

3-4 years of Information Security or Incident Response related experience.
Proven experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations etc.
Troubleshoot incidents, escalate alerts to relevant stakeholder, and analyse root causes and implications of incidents.

3. Cyber Risk Management

Develop cyber risk assessment techniques and roll-out endorsed measures to address identified cyber security risks, threats and vulnerabilities

4. Security Assessment and Testing

Conduct authorised penetration testing of systems and to expose threats, vulnerabilities and potential attack vectors in systems

5. Stakeholder Management

Serve as the organisation's main contact point for stakeholder communications, clarifying responsibilities among stakeholders, and engaging them to align expectations

6. Threat Analysis and Defense

Perform static, dynamic or behavioural analysis on malicious codes and threats, debug malware and thwart malicious attacks
Experience in analyzing system and application logs to investigate security issues and/or complex operational issues. Hands on experience of any SIEM, Elasticsearch, Logstash, and Kibana (ELK), Entity Behavior Analysis (UEBA) technologies and/or log management solution and competent performing log analysis, data correlation, etc.

7. Threat Intelligence and Detection

Implement intrusion detection technology and analyse multi-source information to identify vulnerabilities, potential exploits, methods, motives, and capabilities

8. General knowledge in mainstream operating systems (Windows, Linux, etc.), network protocols, security infrastructure, etc.

Good knowledge of one or more of the following: Windows/AD file system, registry functions and memory artefacts, Unix/Linux file systems and memory artefacts, Mac file systems and memory artefacts, TCP/IP communications & knowledge of how common protocols and applications work at the network level, including DNS, HTTP and SMB, and etc.

*We regret that only shortlisted candidates will be notified.

View More Jobs

Starhub

StarHub, listed on the SGX-ST, is Singapore's second largest info-communications company. Since our inception, we have grown into a full-fledged organisation offering a complete range of solutions over fixed, cable, mobile and internet platforms.

Website

Full Name*
Email address*
Upload a different Resume	(Your application will be submitted using this resume instead) Choose a file Only .pdf is allowed