CyberOps Consultant - Incident Response

Singapore
CyOps – CyberOps
Full-time
Building a Safer Cyberspace:

At Horangi, we’re passionate about building a safer cyberspace and creating software that solves challenging cybersecurity problems. Horangi focuses on building partnerships with our customers, developing an understanding of their business goals and building a security strategy that helps achieve their objectives. Horangi’s personnel have an extensive engineering experience and strong background in penetration testing, incident response and strategic consulting including both large multinational networks and small organizations with focused missions. We enjoy solving tough security problems and we are eager to find new challenges and build new relationships.

The Job:

Are you interested in investigating computer crimes and breaches? Can you think like an attacker to stay one step ahead of them, or understand the operational security controls needed to detect, remediate, and prevent compromises?

Horangi seeks Incident Response Consultants with strong technical skills and an eagerness to lead projects and work with our clients. Candidates will need to apply their forensics, log analysis, and malware triage skills to solve complex intrusion cases at organizations around the world. Our consultants must be comfortable working in teams to tackle challenging projects, communicating with clients, and creating and presenting high-quality deliverables.

Responsibilities:

    • Conduct host forensics, network, forensics, log analysis, and malware triage in support of incident response investigations.
    • Utilize Horangi’s stack technology to conduct large-scale investigations and examine endpoint and network-based sources of evidence.
    • Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations.
    • Build scripts, tools, or methodologies to enhance Horangi’s incident investigation processes.
    • Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
    • Effectively communicate investigative findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
    • Work with security and IT operations at clients to implement remediation plans in response to incidents.
    • Assist with scoping prospective engagements, participating in investigations from kickoff through remediation, and mentoring less experienced staff.

Requirements:

    • Minimum 2-5 years of comparable experience
    • Technical expertise in at least three of the following areas:
    • - Windows disk and memory forensics
    • - Network Security Monitoring (NSM), network traffic analysis, and log analysis
    • - Unix or Linux disk and memory forensics
    • - Static and dynamic malware analysis
    • - Applied knowledge in at least one scripting or development language (such as Python)
    • - Thorough understanding of enterprise security controls in Active Directory / Windows environments

Additional Qualifications:

    • Willingness to travel up to 50%
    • Hold or the willingness to obtain current industry standard certifications such as GCIH
    • Ability to successfully interface with both internal and external clients
    • Ability to document and explain technical details in a concise, understandable manner