Incident Response Sr. Consultant - SpiderLabs

  • Category: Security Services
  • Team: Consulting & Professional Services
  • Location: Singapore, Singapore

Description

Position at Trustwave

Trustwave is a leading cybersecurity and managed security services provider that helps businesses fight cybercrime, protect data and reduce security risk. Offering a comprehensive portfolio of managed security services, security testing, consulting, technology solutions and cybersecurity education, Trustwave helps businesses embrace digital transformation securely. Trustwave is a Singtel company and the global security arm of Singtel, Optus and NCS, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.

SpiderLabs is Trustwave’s elite security team focused on digital forensics, incident response, penetration testing, application security and threat intelligence.

The role will include delivering incident response services across the full breadth of SpiderLabs’ service portfolio. It is a unique opportunity to be a part of a talented, global team, and to work on a diverse and very interesting set of projects.
 

Your primary role will be assisting customers prepare for and respond to computer security breaches and will need to be prepared to work with both small and large organizations of varying levels of technical maturity. Your work will be a mix of going onsite to investigate breaches, conducting remote analysis, running table top exercises and attack simulations, testing detection and response tools and implementations and assisting in the writing of Incident Response Plans. You will also be required to qualify as a PCI Forensic Investigator. 

 
Experience Requirements: 
  • Have several years of experience in digital forensics and/or incident response.
  • Is happy to work independently, and get engaged in online chats with a globally distributed team.
  • Experience with forensic tools, you will have access to Encase, W-ways, Axiom, Carbon Black, Counterattack and GRR along with whatever open source tools you prefer and other commercial tools you can convince us to buy.
  • Have experience with compromises involving web applications.

Skill Requirements 
  • Must be fluent in English, both written and spoken.  French, Spanish or Portuguese is a plus but not a requirement.
  • Be a fast and lifelong learner
  • Be comfortable chasing malware through systems and familiar with persistence mechanisms, injection methods and detection/evasion techniques.
  • Ability to lead teams of both direct as well as indirect reports
  • Ability to foster and develop strong client relationships.
  • Be able to decode base64 in their head and write a python script before breakfast.

DFIR

  • Knowledge of key forensic artifacts in both Windows and *Nix systems. Be able to articulate their significance to an investigation.
  • Experience in payment card forensics (under the PCI PFI program) desirable.
  • Experience with scripting in Perl/Python/Ruby very desirable.
  • Experience with both desktop-based and server-based forensics.
  • Comfortable working in a *nix environment.

Bonus experience

  • Contributions to the DFIR community, Blog, twitter, git repos.
  • Conference presentations (but paid marketing events don’t count).
  • Penetration testing experience.
  • Knowledge of and demonstrable experience with a wide range of different attack tools.
  • Application testing skills.
  • Reverse engineering skills.

 Other Requirements

  • Demonstrated leadership experience
  • Strong report writing skills
  • Strong communications skills
  • Ability to travel, approx. 25%
  • Ability to work independently and communicate with clients.
  • Ability to identify potential new business opportunities within the client base.

Education:

We prefer college-educated applicants, but at minimum, high school diploma or equivalent is required for employment.

 

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

 

To All Agencies:

Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.

 

Share this opportunity

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit www.trustwave.com.

To All Agencies: Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.