Principal Consultant, Cloud Incident Response (Digital Forensics)
A global AIoT software leader in Net Zero, Envision Digital is committed to becoming the world’s leading net zero technology partner for enterprises, governments, and cities to accelerate progress and improve their citizens’ quality of life.
EnOS™, Envision Digital’s proprietary AIoT operating system, connects and manages more than 110 million smart devices and 360 gigawatts of energy assets globally. Envision Digital’s growing ecosystem of more than 360 customers and partners spans 10 industries and includes Accenture, Amazon Web Services, GovTech Singapore, IBM, Keppel Corporation, Microsoft, Nissan, PTT, Solarvest, Total and ST Engineering. The company has close to 900 employees and 12 offices across the United Kingdom, France, Germany, the Netherlands, Norway, Japan, Thailand, China, and the United States, with headquarters in Singapore.
For more information, please visit www.envision-digital.com/
Senior Cloud Digital Forensic Incident Response Specialist
The Envision Digital Cyber Security organization is growing rapidly to help guide the company through its own global hyper-growth phase. This growth is fueled by customer demand for our innovative cloud-based software and embedded product lines. We are looking for an Incident Response Security Engineer to join our dynamic team, driving efforts within the Envision Digital Cyber Incident Response team to protect the EnOS Platform and Edge ecosystem from the cyber security threats facing the organization. You will also build automation to handle routine events while conducting research and actively hunting for threats.
- Work with the Cloud Infrastructure and Platform teams to lead initiatives and develop and build security utilities and tools that will enable Envision Digital to operate more securely
- Build automation to handle lower-severity, routine security events
- Supervise and manage incident tickets, tracking multiple concurrent incidents to completion through the incident handling life cycle for Envision Digital
- Key focus areas: known and anomalous threats, security operations, and insider threats and behaviours
- Perform risk assessments, propose solutions and deploy them (end-to-end treatment)
- Specialize in network-, embedded- and cloud-host-centric analysis on a multi-tenant cloud platform for the Industrial Internet
- Conduct Table Top Exercises (TTX) to build muscle memory and facilitate a state of readiness
- Focus on Digital Forensics and Incident Response (DFIR) for Edge compute deployments in the far reaches of the globe
- Threat and vulnerability management
- Optimize security solutions within the organization
Qualifications & Experience:
- Bachelor Degree in Cyber Security/Information Technology or equivalent
- Relevant industry certifications, such as the GCFE, GCFA, or CCSP, could also be beneficial
- CISSP and OSCP certifications, as well as GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or other GIAC certificates desired
- 10 years of experience with at least 2 years of experience in SOC or in an incident response capacity, preferably within a Cloud Service Provider (CSP)
- Strong understanding of cloud computing platforms and architectures (e.g. AWS, Azure, GCP)
- Knowledge of cloud-based security controls and compliance frameworks (e.g. SOC 2, PCI-DSS, HIPAA)
- Working knowledge of SIEMs and security analytics platforms such as Splunk, Devo, Sentinel
- Experience with malware analysis and reverse engineering
- Experience with host-centric detection and response
- Well-versed in Windows, Mac, Linux, and Unix operating systems
- Experience with secure communication methods, including Secure Shell, SILC, and PGP/GPG
- Distributed computing, clusters, virtualization, high availability, and load balancing will be a plus
- Demonstrated experience with embedded device IR and Forensics a definite plus
- Experience with host-centric tools or other forensic software and techniques
- Capabilities in offensive and defensive technologies and an agile incident response focus will be critical to success
- Familiarity with scripting or programming languages such as Python, PowerShell, or Bash to drive automation processes
- Strong problem-solving and analytical skills
- Able to work outside of normal working hours to support incidents as they occur