Conduct technical investigations of cyber incidents, analysing logs, Windows and Linux artifacts, and utilizing EDR, network monitoring tools, and SIEM.
Acquire (or guide others to acquire) data necessary to investigate from various sources using appropriate tools and techniques.
Assist with providing strategic recommendations to customers regarding incident response and remediation.
Design, build, and train Cyber Incident Response capabilities for clients.
Detect, analyse, and respond to security incidents, including malware, ransomware, and other cyber threats.
Write scripts to automate investigation processes (PowerShell, Python, Bash).
Prepare detailed reports on findings and communicate effectively with stakeholders.
Summarize and highlight to the Service Delivery Manager (SDM) any cases pending resolution for extended periods.
Skills & Expertise
Experience with forensic tools and methodologies.
Familiar with reverse-engineering tools (IDA, Ghidra, etc.) and debuggers (GDB, WinDbg).
Familiar with forensic tools like Sysinternals, Volatility, and network analysis tools like Wireshark.
Strong knowledge of Windows and Linux OS, and network security principles.
Proficiency in log analysis, memory forensics, and network traffic analysis.
Excellent problem-solving skills and the ability to work under pressure.