Manager - Cyber Forensics & Incident Response - SG

Date: 16 Oct 2024

Location:Singapore, Singapore, SG Kuala Lumpur, MY

• Develop Cyber Incident Strategies: Assist clients in creating comprehensive cyber incident strategies, assessing vulnerabilities, and conducting preparedness exercises to enhance their response and recovery capabilities.
• Conduct Advanced Investigations: Lead investigations into complex cyber incidents involving malware, data breaches, denial of service attacks, and other security threats.
• Provide Expert Guidance: Offer clients expert advice on handling cyber incidents, forensic analysis, and incident response best practices.
• Lead Triage and Investigations: Oversee and support detailed triage and investigations of critical cyber incidents across cloud, traditional, and hybrid environments.
• Perform Incident Response Functions: Execute host-based analytical functions, including digital forensics, metadata analysis, and malware analysis, on various systems (Windows, Unix, Mac OS X) to identify Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs).
• Create and Track Metrics: Develop and monitor metrics based on the MITRE ATT&CK Framework and other security models to measure the effectiveness of incident response efforts.
• Collaborate with Stakeholders: Work with application and infrastructure teams to identify key components and information sources, including servers, workstations, middleware, applications, databases, and logs.
• Participate in Incident Response Efforts: Engage in incident response activities using forensic tools and custom methodologies to detect and mitigate sources of compromise and malicious activities.

• Develop diverse, high-performing people and teams through new and meaningful development opportunities.
• Collaborate effectively to build productive relationships and networks.
• Understand and lead the execution of key objectives and priorities for internal as well as external stakeholders.
• Influence stakeholders, teams, and individuals positively – leading by example and providing equal opportunities for our people to grow, develop and succeed.
• Deliver superior value and high-quality results to stakeholders while driving high performance from people across Deloitte.
Apply their understanding of disruptive trends and competitor activity to recommend changes, in line with leading practices.

• Bachelor’s degree in the relevant field and approximately 5 years or more of related work experience.
• One or more GIAC (e.g., GCFE, GCFA, GREM, GCIH, GASF, GNFA, etc.), CREST or other digital forensic and/or incident response certifications.
• 8+ years of professional experience in cybersecurity and/or information security or demonstrated equivalent capability.
• 3+ years hands-on working in cyber incident response and investigations in medium to large organizations with cloud and forensics components.
• Experience with response and analysis tools such as En Case Forensic, En Case Enterprise, Access Data FTK, Volatility, SANS SIFT, Carbon Black, Internet Evidence Finder, Magnet Axiom, Splunk, Elastic Search or Crowd Strike
• Experience with programming languages such as Python, Java Script, PHP, SQL etc.
• Experience with malware analysis and understanding attack techniques.
• Experience interpreting, searching, and manipulating data within enterprise logging solutions.
• Familiarity with threat intelligence and applications within incident response investigations.
• Hands-on Dev/Sec/Ops experience with cloud environments and underlying storage, compute and monitoring services.
• Prior experience with cloud common services
• Hands-on experience with forensic investigations or large-scale incident response in cloud environments.
Hands-on experience with containerization methods and tools (e.g., Docker, Kubernetes) including incident response and digital forensics.

Requisition ID: 105778