Associate Consultant, Threat Hunt and Incident Response

Ensign is hiring !

Job Description – Associate Consultant, Threat Hunting & Response

Responsibilities:

• Collaborate with the team and be responsible for the delivery of client engagements, providing updates to the engagement and/or team lead

• Contribute to the project delivery of the Ensign Consulting – Threat Hunting & Response business; aligns with the project schedule for deliverables and milestones; adaptable to the needs and requirements of the engagement; communicates effectively with clients and internal stakeholders;

• Assist in the response to cyber security incidents and providing efforts in determining the criticality of an incident, investigation of incident actions, appropriate containment, and performing mitigation activities;

• Understanding and familiarity with the phases of the Incident Response life cycle of: analysis, containment, eradication, remediation, recovery;

• Ability to perform malware analysis and reverse engineering will be desirable;

• Contributing to the improvements of the incident response and threat hunting processes by taking advantage of the integration with new technologies and capabilities;

• Participating in the program development plan, which includes development of threat hunting hypothesis, and to continually improve IR Playbooks, SOPs alignments and training;

• Participating in the communication and documentation of the hunt results, details of incidents, and creating status reports of tasks performed to stakeholders;

• Staying abreast of the latest information security controls, practices, techniques and capabilities in the marketplace; leading internal skills development activities for information security personnel on the topic of security monitoring and incident response, by providing mentoring and by conducting knowledge sharing sessions;

• Familiarization with industry digital forensics tools and threat hunting platforms;

• Assisting in the preparation and delivery of clear and concise technical & management reports and formal papers (when necessary) on incident findings to the different levels of customer-end stakeholders including the management. This includes making appropriate level presentations to the customer’s stakeholders;

• Researching and keeping up-to-date with technological trends in relation to cyber security, threat hunting, and digital forensics;

• Performing other job-related duties as assigned

Requirements:

• Experience with threat hunting, incident response handling, and/or digital forensics investigations

• Bachelor’s Degree in computer engineering, Computer Science, Cyber Security, Information Security or other equivalents

• Ability to travel 20% of the time

Preferred Skills/Qualities:

• Experience supporting or providing expert witness testimonials

• Experience in data analysis

• Experience in log analysis

• Experience in reverse malware analysis

• Experience with research, technical and business documentation and analysis

• Experience in consulting, including both internal and client facing experiences

• Knowledge of the Singapore Law, Singapore Government regulations and policies

• Ability to obtain a security clearance

• Ability to demonstrate flexibility, initiative and innovation in dealing with ambiguous, fast-paced situations

• Ability to show proficiency in one or more regional languages and dialects

• Ability to show proficiency in Microsoft Office, Power BI and Tableau

• Ability to show proficiency in Forensic Toolkits, e.g. EnCase Forensics, FTK Forensics, Magnet Forensics and Write Blockers

• Ability to show proficiency in Electronic Discovery solutions, e.g. Relativity, Nuix and EnCase

• Ability to show proficiency in reverse malware engineering tools, e.g. IDA Pro

• Ability to show proficiency in programming and scripting, e.g. Java, .NET Programming, Python & PERL scripting, etc

• Possession of excellent presentation and briefing skills

• Possession of excellent oral and written communication skills

• Professional certifications, including EnCE, GCIH, GCFE, GCFA, GREM, GNFA, GASF, GCTI, CISSP, or other relevant certification