KPMG Malaysia
KPMG Malaysia
Associate / Senior Associate - Cyber Incident Response & Forensic - TRC
KPMG Malaysia
Full-time
Petaling Jaya, Selangor, Malaysia

Description:

In this role, we are looking for a person who can demonstrate a good technical background and has a desire to improve and learn new knowledge.

When not responding to incidents, you may be helping our clients build their in-house incident response capabilities, which could include building and developing cyber-response tools, authoring and adapting runbooks and playbooks, assessing the incident response maturity, and assisting in table-top cyber-scenario exercises. When not working with clients, you will be researching, sharing, and maintaining knowledge on the latest attack and threat actor trends, as well as researching and testing the latest threat detection solutions and developing in-house tools.

Above all, KPMG is looking for someone who is passionate about helping our clients with their cyber security challenges, often at a time of critical need. In return, we are committed to helping you to enjoy the role and develop your skills and career within the KPMG with the objective of progressing into a senior leadership role

Responsibilities:

  • Investigate cyber security incidents for our clients, working closely with the cyber response lead.
  • Digital forensics of relevant incident data (disk, volatile memory, network packets, log files).
  • Keeping up with the latest cyber threats and being able to advise clients on the threat landscape and threats that may impact them.
  • Recognize common attacker tools, tactics, and procedures.
  • Participate in the development of KPMG’s in-house cyber-response tools.
  • To comply with KPMG information security objective and adhere to all relevant policies, procedures, and guidelines.
  • For senior level, project management involvement is required
  • Perform other duties as and when required.

Requirements:

The successful candidate will demonstrate competency in computing and networks as well as in cyber-security either by having the relevant work experience, completed a degree or obtained industry relevant certification. Therefore, the qualifications below should be seen as means to demonstrate competency and not as a requirement. The desired skill and qualification is provided below:

  • 2-3 years of direct experience in digital forensics, incident response, malware analysis
  • Good team player with the ability to fulfil tasks within a set time frame.
  • Demonstrated critical thinking and problem-solving abilities
  • A strong desire to learn more about information security and a commitment to professional growth
  • Excellent communication skills (both written and oral)
  • Strong IT and network skills – knowledge of common enterprise technologies – Windows and Windows Active Directory, Linux, Cisco, etc.
  • Working programming skills set to be able to author and develop tools
  • Technical proficiency in at least one of these areas: network security/traffic/log analysis; Linux and/or Mac/Unix operating system forensics; Linux/Unix disk forensics (ext2/3/4, HFS+, and/or APFS file systems), memory forensics, static and dynamic malware analysis / reverse engineering, advanced mobile device forensics
  • Working knowledge of the Cyber Kill Chain Model and MITRE ATT&CK Matrix and how each methodology can be applied.
  • Understanding on Cyber Table top exercises and create Scenarios & MEL’s
  • Sound knowledge of industry computer forensic tools such as X-Ways, EnCase, FTK, AXIOM, XRY and/or Cellebrite
  • Sound knowledge in preservation of digital evidence (logical, physical, cloud, encrypted devices)
  • (Preferred) Degree level qualified, MSc in Information Security, IT or relevant STEM subjects.
  • Sound knowledge of security tools such as SIEM, firewalls, IDS/IPS, proxies, AV is preferred
  • Qualifications and Education requirements
  • Minimum qualifications required: B.E/B. Tech or Equivalent
  • Excellent communication skills and project management skills.
  • Must have Digital forensics certificates such as:
  • Certified Digital Forensic Examiner (CDFE),
  • GIAC- GIAC Certified Forensic Examiner (GCF)
  • CREST certified malware reverse engineer (CCMRE),
  • GIAC Certified (Network) Forensic Analyst (GNFA)
  • Must have Incident management certifications such as:
  • CREST certified incident manager (CCIM).
  • GIAC Certified Incident Handler (GCIH)
  • (Preferred) General information security certificates such CISSP, CEH , CHFI etc.
Show More
Already applied to this job? Login
pulsifiPowered by Pulsifi