Associate, Threat Hunt and Response

Ensign is hiring
- Job Description - Associate Consultant, Threat Hunting & Response
- Responsibilities:
- Collaborate with the team and be responsible for the delivery of client engagements, providing updates to the engagement and/or team lead-
- Contribute to the project delivery of the Ensign Consulting - Threat Hunting & Response business; aligns with the project schedule for deliverables and milestones; adaptable to the needs and requirements of the engagement; communicates effectively with clients and internal stakeholders;-
- Assist in the response to cyber security incidents and providing efforts in determining the criticality of an incident, investigation of incident actions, appropriate containment, and performing mitigation activities;-
- Understanding and familiarity with the phases of the Incident Response life cycle of: analysis, containment, eradication, remediation, recovery;-
- Ability to perform malware analysis and reverse engineering will be desirable;-
- Contributing to the improvements of the incident response and threat hunting processes by taking advantage of the integration with new technologies and capabilities;-
- Participating in the program development plan, which includes development of threat hunting hypothesis, and to continually improve IR Playbooks, SOPs alignments and training;-
- Participating in the communication and documentation of the hunt results, details of incidents, and creating status reports of tasks performed to stakeholders;-
- Staying abreast of the latest information security controls, practices, techniques and capabilities in the marketplace; leading internal skills development activities for information security personnel on the topic of security monitoring and incident response, by providing mentoring and by conducting knowledge sharing sessions;-
- Familiarization with industry digital forensics tools and threat hunting platforms;-
- Assisting in the preparation and delivery of clear and concise technical & management reports and formal papers (when necessary) on incident findings to the different levels of customer-end stakeholders including the management. This includes making appropriate level presentations to the customer’s stakeholders;-
- Researching and keeping up-to-date with technological trends in relation to cyber security, threat hunting, and digital forensics;-
- Performing other job-related duties as assigned**Requirements**:
- Experience with threat hunting, incident response handling, and/or digital forensics investigations-
- Bachelor’s Degree in computer engineering, Computer Science, Cyber Security, Information Security or other equivalents-
- Ability to travel 20% of the time- Preferred Skills/Qualities:
- Experience supporting or providing expert witness testimonials-
- Experience in data analysis-
- Experience in log analysis-
- Experience in reverse malware analysis-
- Experience with research, technical and business documentation and analysis-
- Experience in consulting, including both internal and client facing experiences-
- Knowledge of the Singapore Law, Singapore Government regulations and policies-
- Ability to obtain a security clearance-
- Ability to demonstrate flexibility, initiative and innovation in dealing with ambiguous, fast-paced situations-
- Ability to show proficiency in one or more regional languages and dialects-
- Ability to show proficiency in Microsoft Office, Power BI and Tableau-
- Ability to show proficiency in Forensic Toolkits, e.g. EnCase Forensics, FTK Forensics, Magnet Forensics and Write Blockers-
- Ability to show proficiency in Electronic Discovery solutions, e.g. Relativity, Nuix and EnCase-
- Ability to show proficiency in reverse malware engineering tools, e.g. IDA Pro-
- Ability to show proficiency in programming and scripting, e.g. Java,.NET Programming, Python & PERL scripting, etc-
- Possession of excellent presentation and briefing skills-
- Possession of excellent oral and written communication skills-
- Professional certifications, including EnCE, GCIH, GCFE, GCFA, GREM, GNFA, GASF, GCTI, CISSP, or other relevant certification