Bachelor’s degree in computer science or a related or similar field. Ideally, you have completed or are about to complete a security certification (e.g. Security+, GCIA, GCIH, CISSP).
Experience in the following areas:
1. Cyber Forensics
- Able to coordinate the collection and preservation of evidence and analyse forensic evidence to draw inferences.
- Experience with one or more scripting languages (PowerShell, Python, Bash, etc.)
2. Cyber and Data Breach Incident Management
- 3-4 years of Information Security or Incident Response related experience.
- Proven experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations etc.
- Troubleshoot incidents, escalate alerts to relevant stakeholders, and analyse root causes and implications of incidents.
3. Cyber Risk Management
- Develop cyber risk assessment techniques and roll-out endorsed measures to address identified cyber security risks, threats and vulnerabilities
4. Security Assessment and Testing
- Conduct authorised penetration testing of systems to expose threats, vulnerabilities and potential attack vectors in systems
5. Stakeholder Management
- Serve as the organisation's main contact point for stakeholder communications, clarifying responsibilities among stakeholders, and engaging them to align expectations
6. Threat Analysis and Defense
- Perform static, dynamic or behavioural analysis on malicious code and threats, debug malware and thwart malicious attacks
- Experience in analyzing system and application logs to investigate security issues and/or complex operational issues. Hands-on experience with any SIEM, Elasticsearch, Logstash, and Kibana (ELK), User and Entity Behavior Analytics (UEBA) technologies and/or log management solution, and competence in performing log analysis, data correlation, etc.
7. Threat Intelligence and Detection
- Implement intrusion detection technology and analyse multi-source information to identify vulnerabilities, potential exploits, methods, motives, and capabilities
8. General knowledge in mainstream operating systems (Windows, Linux, etc.), network protocols, security infrastructure, etc.
- Good knowledge of one or more of the following: Windows/AD file system, registry functions and memory artefacts; Unix/Linux file systems and memory artefacts; Mac file systems and memory artefacts; TCP/IP communications and knowledge of how common protocols and applications work at the network level, including DNS, HTTP and SMB, etc.
*We regret that only shortlisted candidates will be notified.