VP, Digital Forensics Analyst, Global Information Security

  • Sector: LMA Asia Technology
  • Contact: Cindy Nguyen
  • Contact Email: cindy.nguyen@lmarecruitment.asia
  • Client: LMA
  • Location: Singapore
  • Salary: Negotiable
  • Expiry Date: 18 May 2022
  • Job Ref: BBBH366824_1645082457

Our client is an International Bank with leading corporate and institutional investors through our offices in more than 35 countries. They serve almost all of the Fortune 500 companies and approximately 67 million consumer and small-business clients offering a full suite of financial products and services, from banking and investments to asset and risk management.
Their Cyber Security Defense team's aim is to protect the bank and has an end to end view and influence over all security controls at the Bank. Digital Forensics which is part of CSD, is a reactive team that responds to events or incidents in order to identify and mitigate risk to the Bank. Digital Forensics purview encompasses a wide breadth of incidents, which includes but are not limited to third party breaches, determining data exfiltration and anything else in-between. The Digital Forensics team are well trained and comprise of individuals with a number of different backgrounds, which ranges from law enforcement, consulting and from within industry. Training and certification opportunities are commonplace and actively encouraged, as well as the empowerment to invest time in learning new and upcoming technologies that improve on the way that we respond to incidents.

Your background
The ideal candidate will be a motivated and adaptable individual with over 10 years of Digital Forensics and Incident Response (DFIR) experience, with an extensive background from large scale enterprise environments working within a "Follow-The-Sun" model (or equivalent). This candidate will have the ability to identify, analyse and present evidential data from a wide range of enterprise systems for a wide range of incident or investigative scenarios. As well as this, the ideal candidate will be able to draw upon their well-versed knowledge in computing and networking, together with information security technologies, techniques and processes.
In terms of qualifications and certifications, one of the below are an essential requirement:

  • Bachelor's, Masters or Doctorate Degree in a Computer Science, Computer Engineering, Information Security or Cyber/Digital Forensics related discipline; or
  • Digital Forensics and Incident Response Certification (i.e. EnCE or related SANS certification, such as GCFA).

The following qualifications and certifications are highly advantageous, though not essential:

  • Certified Cloud Security Professional (CCSP); or
  • Linux Professional Institute Qualifications (Eg. LPIC-1, LPIC-2 etc); or
  • Linux Foundation Certified System Administrator (LFCS); or
  • Red Hat System Administration I, II, III or Certified System Administrator (RHCSA); or
  • Any other distribution (distro) specific Linux or Unix qualification or certification.

The following skills and experience are also advantageous and would be particularly exciting, though not essential:

  • Programming and scripting skills or experience, such as:
    • Programming skills and experience, such as Java, C++, Python; or
    • Batch or shell scripting experience within Windows or Linux environments; or
  • Experience in one of the following Digital Forensics and Incident Response (DFIR) backgrounds:
    • Cloud and/or containerisation technologies (i.e. Docker and Kubernetes) within an enterprise environment; or
    • Linux/Unix systems with particular focus on RedHat or other enterprise scale distributions (distros). This experience should also include excellent knowledge of operating system nuances, file systems and inner workings.

What you will do
Not one day is the same for Cyber Security Defense (CSD) team and this is especially true for Digital Forensics (DF). Anyone working within the Digital Forensics team can expecting the following:

  • Utilizing your extensive Digital Forensics and Incident Response experience to conduct and manage your individual caseload across the entire incident response or investigative lifecycle from start to finish;
  • Discovering unfamiliar technology or data during the midst of an incident or investigation and assessing its relevance to the issues at hand, i.e. stored information, auditing capability, evidential value etc;
  • Leveraging upon your ability to communicate, both written and verbal, in a clear, concise and inclusive manner to technical and non-technical audiences with colleagues, peers and stakeholders at all levels;
  • Embracing new and upcoming technologies and assessing how they could apply and improve on the way in which the team responds to incidents;
  • Working alongside a global team with colleagues in the USA and Europe, whilst placing emphasis on collaboration and sharing of ideas and methodologies.
  • Undertaking and sharing the responsibilities of working an on-call schedule so that the bank is well placed to respond to incidents or investigations when required.

Company Reg. No.: 201131609D | Licence No.: 11C4684 | EA Reg No.: R 1440978