Consultant, Threat Hunting & Response

Responsibilities:

• Collaborate with the team and be responsible for the delivery of client engagements, providing updates to the engagement and/or team lead
• Contribute to the project delivery of the Ensign Consulting – Threat Hunting & Response business; aligns with the project schedule for deliverables and milestones; adaptable to the needs and requirements of the engagement; communicates effectively with clients and internal stakeholders;
• Assist in the response to cyber security incidents and providing efforts in determining the criticality of an incident, investigation of incident actions, appropriate containment, and performing mitigation activities;
• Understanding and familiarity with the phases of the Incident Response life cycle of: analysis, containment, eradication, remediation, recovery;
• Ability to perform malware analysis and reverse engineering will be desirable;
• Contributing to the improvements of the incident response and threat hunting processes by taking advantage of the integration with new technologies and capabilities;
• Participating in the program development plan, which includes development of threat hunting hypothesis, and to continually improve IR Playbooks, SOPs alignments and training;
• Participating in the communication and documentation of the hunt results, details of incidents, and creating status reports of tasks performed to stakeholders;
• Staying abreast of the latest information security controls, practices, techniques and capabilities in the marketplace; leading internal skills development activities for information security personnel on the topic of security monitoring and incident response, by providing mentoring and by conducting knowledge sharing sessions;
• Familiarization with industry digital forensics tools and threat hunting platforms;
• Assisting in the preparation and delivery of clear and concise technical & management reports and formal papers (when necessary) on incident findings to the different levels of customer-end stakeholders including the management. This includes making appropriate level presentations to the customer’s stakeholders;
• Researching and keeping up-to-date with technological trends in relation to cyber security, threat hunting, and digital forensics;
• Performing other job-related duties as assigned

Requirements:

• at least 3 years of experience with threat hunting, incident response handling, and/or digital forensics investigations
• Experience in consulting, including both internal and client facing experiences
• Ability to obtain a security clearance
• Bachelor’s Degree in computer engineering, Computer Science, Cyber Security, Information Security or other equivalents
• Ability to travel 20% of the time

Preferred Skills/Qualities:

• Experience supporting or providing expert witness testimonials
• Experience in data analysis
• Experience in log analysis
• Experience in reverse malware analysis
• Experience with research, technical and business documentation and analysis
• Knowledge of the Singapore Law, Singapore Government regulations and policies
• Ability to demonstrate flexibility, initiative and innovation in dealing with ambiguous, fast-paced situations
• Ability to show proficiency in one or more regional languages and dialects
• Ability to show proficiency in Microsoft Office, Power BI and Tableau
• Ability to show proficiency in Forensic Toolkits, e.g. EnCase Forensics, FTK Forensics, Magnet Forensics and Write Blockers
• Ability to show proficiency in Electronic Discovery solutions, e.g. Relativity, Nuix and EnCase
• Ability to show proficiency in reverse malware engineering tools, e.g. IDA Pro
• Ability to show proficiency in programming and scripting, e.g. Java, .NET Programming, Python & PERL scripting, etc
• Possession of excellent presentation and briefing skills
• Possession of excellent oral and written communication skills
• Professional certifications, including EnCE, GCIH, GCFE, GCFA, GREM, GNFA, GASF, GCTI, CISSP, or other relevant certifications