Cyber Defense Analyst (Forensics)

in Singapore, Singapore, Singapore
Permanent, Full time
Cyber Defense Analyst (Forensics)
  • Perform breach investigation and digital forensics of an incident
  • Help determine the extent of the compromise, attributes of any malware involved and possible data exfiltrated
  • Accurately describe the details of an incident
  • Develop forensic and investigative reports
  • Develop and manage breach investigation and forensics programs
  • Develop and maintain current knowledge of tools and best practices in breach investigation and forensics.
  • Manage external breach retainer service provider in delivering their services.

  • Experience in host, network and mobile forensics and breach intrusion investigation.
  • One or more of the following technical certificates: GIAC, GCIH, GCFA, GREM or equivalent
  • Experience in performing live response on systems in support of breach intrusion investigation
  • Experience in performing complete forensic duplication of the systems.
  • Expertise in analysis of TCP/IP network communication protocols
  • Experience conducting analysis of electronic media, packet capture, log data and network devices in support of breach intrusion analysis.
  • Experience in computer exploitation tactics, techniques and procedures
  • Experience in analysing malware: identifying packers and compilers, reviewing PE file structure, carving and examining recovered data, researching interesting strings, disassembling and performing detailed reverse engineering on malware samples
  • Able to make decisions on remediation and propose countermeasures in support of breach intrusion remediation.
  • Experience in forensics and investigative report writing that can withstand legal scrutiny.
  • Experience in live response and forensics tools and methodology.
  • Experience in scripting languages such as Python.
  • Experience in deploying forensics toolkit to support intrusion investigation
  • Experience in ensuring chain of custody is followed for all electronic media acquired, in accordance with existing regulations
  • Experience in conducting breach investigation and forensics in a cloud environment.
  • Hands-on and a self-starter, and comfortable dealing with multiple stakeholders in a fast-paced environment