Digital Forensic & Incident Response Professional

Job Description

Certifications an advantage - SANS GIAC Certified Incident Handler / SANS GIAC Reverse EngineeringMalware / Certified Ethical Hacker (CEH) CompTIA CySA+ Job experience in DFIR an advantage Requirements: Bachelor s Degree in Computer Science or Information Technology majoring in Cybersecurity, Networking or any related field Certifications an advantage - SANS GIAC Certified Incident Handler / SANS GIAC Reverse Engineering Malware / Certified Ethical Hacker (CEH) CompTIA CySA+ Job experience in DFIR an advantage Responsibilities: Develop and maintain honeypots and supporting infrastructure and be SME on honeypots and honeypotinfrastructure Develop and maintain threat analysis lab virtual machines, cyber ranges and supporting infrastructureand be SME on lab machines and supporting infrastructure Develop and maintain open source or in-house tools, scripts, automation and systems as needed tosupport threat intelligence and incident response tasks Conduct ad hoc and periodic compromise assessments of Maybank networks and systems and reporton findings Support the Security Operations Center in validating daily security alerts by investigating the maliciousartefacts and binaries when additional coverage is needed Support IT Security by threat hunting on Maybank systems and networks and creating proactive andreactive rules to alert on threat activity Analyse code (binaries, scripts, web scripts) and malspam emails to determine malicious intent Analyse artefacts and logs to determine malicious intent and/or scope of incident Report and document results of analysis and recommend follow up actions, remediations and securitycontrol gaps to IT Security, application owners and other stakeholders Perform threat hunting on Maybank systems and networks to identify undetected threat activity andbreaches Create rules to detect adversary TTP on Maybank systems and networks