Cyber Incident Response Consultant

Job ID:40371
Location:Singapore
Position Category:Information Technology
Position Type:Employee Regular

**About Nettitude**

At LRQA Nettitude our focus has always been on excellence in cyber security. We have teams that offer world-class services in red teaming, penetration testing, threat intelligence, research and development, detection and response, governance, risk, and compliance, and plenty more. Our business is global and so are our clients. We work closely with central banks, central and local government, critical national infrastructure, large retailers, and plenty more besides

**Role**:
Working as a Cyber Incident Response Consultant within our Defensive Security Services (DSS) team, you will deliver incident response engagements and professional services to existing and new/emergency customers. You will encounter a wide range of compromises, network environments and security technologies.

You will be working closely with the DSS SOC and SOC Consultancy team, conducting and/or leading investigations from triage call through to incident completion. You will represent LRQA Nettitude’s excellent professional standard to customers while working alongside other NCIRT and LRQA Nettitude Consultants. You will have desire and passion to stay up to date with emerging threats, investigate new detections and solutions for customer and NCIRT improvements. Working with a highly motivated team, you will focus on triage, analysis and investigation of suspicious binaries, files, data and logs.

As a member of Nettitude’s Defensive Security Service (DSS) team you will provide first class service to both Internal and External Customers, delivering excellence in all areas of your work.

**Location**

This role is based in the Singapore. The role is office-based with some flexible remote working. Occasional travel to client site for project work is required.

**What you’ll be doing in your role**:

- As a Cyber Incident Response Consultant, you'll need to:

- Conduct analysis and investigation of cyber security events across Windows, Linux, Cloud and Hybrid environments
- Conduct digital imaging and forensic investigation tasks on Windows and Linux hosts.
- Conduct initial triage on suspicious artefacts using both commercial and bespoke tools
- Provide customer training engagements to develop internal and external stakeholder preparedness for dealing with cyber incidents
- Provide written and verbal reports to the wider IR team, senior business partners (internal and external)
- Conduct ongoing research around the threat landscape, including threat actors, TTPs and develop IR actions, investigation strategies and tooling
- A team-first, collaborative approach working across all relevant technical teams to identify opportunity for improvement in detection sets.
- Excellent problem-solving skills and self-motivated to learn and upskill regularly.
- A strong desire to continually challenge and develop yourself as part of a fast-paced, high-performing team

**Key Skills**:
The following are strong recommendations and in most cases prerequisites of the role.
- Demonstrably strong incident management and analytical skills.
- Demonstrably strong written and speaking English skills.
- Demonstrably strong understanding of Threat Actor TTP’s.
- Demonstrable ability to work on own projects and within a team.
- Experience with Network Detection and Response solutions
- CREST CRIA or equivalent level IT security-related certification.
- Familiar with PDPA and regulations set forth by the Singaporean Government and relevant regulatory bodies.
- At least 24 months of relevant IT Security industry experience in past 3 years.
- Ability to travel to Singapore customer locations where requested and non-Singapore customer locations where mutually agreed.
- Ability to join 24/7 on-call rota where requested.
- Excellent communications and customer-facing skills with a positive and proactive attitude towards customer issues
- Excellent Team player

**Desirable**:

- Understanding of networking including strong knowledge in IP stack
- Understanding of Server and endpoint technology stacks
- Understanding of common cloud platforms (Azure, AWS, GCP)
- Understanding of Singaporean financial regulations
- Experience of scripting and/or coding

**What we offer**:
We are a people-focused, high-performing, high-trust managed security services team. We pride ourselves on our investment in our people, meaning as we are a fast-evolving team in an exciting working environment, you’ll always have opportunities to solve the latest cybersecurity challenges, with the responsibility and development opportunities to match. #LI-Nettitude

An attractive remuneration package will be provided.

**Apply?**

Diversity and Inclusion at LRQA:
We are on a mission to be the place where we all want to work and we are passionate about embracing different perspectives because we understand the value this brings to our business, our clients and each other.