66 Incident Response jobs in Kuala Lumpur

Monks Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia Monks Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia Direct message the job poster from Monks Global Talent Acquisition Leader | Talent Management and Candidate Attraction Specialist | Recruitment and Sourcing Strategy | Recruitment Process…

Please note that we will never request payment or bank account information at any stage of the recruitment process. As we continue to grow our teams, we urge you to be cautious of fraudulent job postings or recruitment activities that misuse our company name and information. Please protect your personal information during any recruitment process. While Monks may contact potential candidates via LinkedIn, all applications must be submitted through our official website (monks.com/careers).

Position Description

We are looking for an Incident Response Analyst who is able to analyze security events and investigate potential incidents, validate and manage high priority incidents while providing comprehensive written root-cause analysis to security teams & stakeholders, utilize tooling to contain & minimize overall impact while escalating unresolved incidents to security engineering teams, maintain & continuously update incident response plans and runbooks for more efficient incident response.

This person will be responsible for monitoring security alerts and events in order to identify & remediate security incidents across various on-prem and cloud based solutions. We are looking for someone who is passionate about what they do, and not afraid to speak up or make suggestions.

Key Accountabilities

Develop operational procedures to implement and continually improve the incident response process. Monitor security alerts within the tech stack, and investigate any potential security incidents. Analyze the alerts received to classify and assess the impact, managing high priority incidents, including communication to the business, facilitating root cause analysis and resolution. Perform cyber security investigations as part of the incident analysis. Coordinate with other departments the remediation tasks to be performed and escalate unresolved incidents. Perform post-mortem analysis to identify root causes and design controls or measures to prevent future incidents. Write comprehensive investigation reports capturing investigation details and root cause analysis aligned knowledge of modern Tactics, Techniques, and Procedures (TTPs). Collaborate with content production for security awareness.

Minimum Qualifications

3+ years of experience in similar roles Bachelor’s degree in Computer Science/Engineering/Information Security Working ITIL knowledge and experience or similar Functional knowledge of the MITRE ATT&CK framework Experience with log analysis, malware analysis, and/or forensic analysis Hands-on experience with industry leading security tools: EDR, SWG, SIEM, MDM

Qualities

Good communication Ability to confidently present findings to those with either a technical or non-technical background. Self-directed, resourceful, and a critical thinker with attention-to-detail and proactive problem-solving skills. Ability to self-organize and plan activities with commitment towards results. Ready to learn new contents both from others or self-learned. Passionate about self-improvement and suggesting improvements to processes or activities.

Preferred Qualifications

InfoSec Certification (e.g. CISSP, Comptia Sec+, CEH, etc) Cloud experience (AWS, Azure, GCP) in a production environment Scripting experience (Python, Perl, Powershell, etc) Experience in Blue/Red/Purple team engagements

About Monks

Monks is the global, purely digital, unitary operating brand of S4Capital plc. With a legacy of innovation and specialized expertise, Monks combines an extraordinary range of global marketing and technology services to accelerate business possibilities and redefine how brands and businesses interact with the world. Its integration of systems and workflows delivers unfettered content production, scaled experiences, enterprise-grade technology and data science fueled by AI—managed by the industry’s best and most diverse digital talent—to help the world’s trailblazing companies outmaneuver and outpace their competition.

Monks was named a Contender in The Forrester Wave: Global Marketing Services. It has remained a constant presence on Adweek’s Fastest Growing lists ), ranks among Cannes Lions' Top 10 Creative Companies ) and is the only partner to have been placed in AdExchanger’s Programmatic Power Players list every year ). In addition to being named Adweek’s first AI Agency of the Year (2023), Monks has been recognized by Business Intelligence in its 2024 Excellence in Artificial Intelligence Awards program in three categories: the Individual category, Organizational Winner in AI Strategic Planning and AI Product for its service Monks.Flow. Monks has also garnered the title of Webby Production Company of the Year ), won a record number of FWAs and has earned a spot on Newsweek’s Top 100 Global Most Loved Workplaces 2023.

We are an equal-opportunity employer committed to building a respectful and empowering work environment for all people to freely express themselves amongst colleagues who embrace diversity in all respects. Including fresh voices and unique points of view in all aspects of our business not only creates an environment where we can all grow and thrive but also increases our potential to produce work that better represents—and resonates with—the world around us.

Seniority level

Seniority level Mid-Senior level Employment type

Employment type Full-time Job function

Job function Management and Manufacturing Industries Advertising Services Referrals increase your chances of interviewing at Monks by 2x Sign in to set job alerts for “Incident Analyst” roles.

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago Federal Territory of Kuala Lumpur, Malaysia 1 week ago Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 month ago Bukit Raja, Selangor, Malaysia 1 week ago Wilayah Persekutuan Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 days ago Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 day ago Security Operations Center Analyst (SOC Analyst)

WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 5 days ago WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago Petaling Jaya, Selangor, Malaysia 5 days ago Federal Territory of Kuala Lumpur, Malaysia 1 week ago Federal Territory of Kuala Lumpur, Malaysia 1 week ago Federal Territory of Kuala Lumpur, Malaysia 1 week ago Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 month ago Security Operations Centre Analyst (Night Shift)

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 day ago Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 5 days ago Federal Territory of Kuala Lumpur, Malaysia 3 weeks ago Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 days ago Taman Wilayah, Federal Territory of Kuala Lumpur, Malaysia 2 months ago Security Operations & Governance Analyst (1 year Contract)

Federal Territory of Kuala Lumpur, Malaysia 3 weeks ago Operational Technology (OT) Security Analyst

Petaling Jaya, Selangor, Malaysia 3 days ago Cyber Security Analyst (Governance, Risk & Compliance)

Federal Territory of Kuala Lumpur, Malaysia 3 weeks ago Federal Territory of Kuala Lumpur, Malaysia 1 week ago Federal Territory of Kuala Lumpur, Malaysia 1 week ago Analysts, Associate Analysts & Consultant – Cybersecurity Governance, Risk & Compliance (GRC)

Federal Territory of Kuala Lumpur, Malaysia 3 weeks ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Overview

Associate (Forensics Lead), Incident Response — S-RM Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia

The role focuses on forensic investigations within our Incident Response team, delivering delivery-focused support across incident response services and complex cyber incidents.

Responsibilities

• Supporting technical incident response from first contact through to closure: act as a technical resource on response cases, deploying expertise, creating tailored strategies for response workstreams, and guiding project colleagues as needed.
• Overseeing host- and network-based incident response investigations: triage, system recovery, technical evidence collection, and forensics, log, malware and root cause analyses.
• Developing and sharing domain expertise: grow cyber expertise and share it with the wider team through internal initiatives and programs.
• Participating in an on-call rotation to provide 24x7x365 client incident coverage.
• Engaging in a variety of casework across public and corporate clients, with opportunities to broaden security awareness into testing and advisory projects, in addition to deepening incident response expertise.
• Flexible working practices to support wellbeing, with options to balance on-site and remote work.

Qualifications

• Direct experience working in an Incident Response or Digital Forensics team is strongly preferred; candidates with exposure to IR teams or roles with IR aspects will be considered.
• Fundamental understanding of computer systems and networks, including:
  • Windows systems (e.g., domain services, standard build templates, SCCM, PowerShell)
  • Networking (firewall rules, network segmentation, DNS)
  • Virtualization technologies (ESXi, Hyper-V)
  • Endpoint Detection & Response solutions
• Experience conducting forensic investigations, particularly on Windows systems; Linux and MacOS investigation experience is preferred.
• Understanding of core incident response workstreams, including containment and restoration/recovery, is a benefit.
• Critical and investigative mindset with the ability to solve problems with limited information and guidance.
• Knowledge of cyber threat actors and their TTPs.
• Strong communication skills, comfortable speaking to individuals at all levels of an organization.
• Certifications (or equivalent) such as GCFE, GCFA, GCIH, GNFA are preferred; beneficial certifications include EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+.
• Working proficiency in another language (e.g., Malay, Tamil, Mandarin, Cantonese, Vietnamese) is beneficial but not required.
• Must have permission to work in Malaysia by the start of employment.

Benefits

• 20 days paid holiday each year, plus public holidays and additional leave accrual up to 5 days.
• Flexible working: minimum two days in the office per week; remote work option; flexible hours between 7am and 7pm.
• Pension scheme: EPF contributions in accordance with legislative requirements.
• Life insurance; company-paid private medical and dental insurance.
• Company-paid maternity, paternity and fertility treatment leave.
• Employee Assistance Programme: 24/7 access to specialist support services and resources.

The role will be based in our office in Kuala Lumpur with flexible working arrangements available.

#J-18808-Ljbffr

Overview

Associate (Forensics Lead), Incident Response — S-RM Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia The role focuses on forensic investigations within our Incident Response team, delivering delivery-focused support across incident response services and complex cyber incidents. Responsibilities

Supporting technical incident response from first contact through to closure: act as a technical resource on response cases, deploying expertise, creating tailored strategies for response workstreams, and guiding project colleagues as needed. Overseeing host- and network-based incident response investigations: triage, system recovery, technical evidence collection, and forensics, log, malware and root cause analyses. Developing and sharing domain expertise: grow cyber expertise and share it with the wider team through internal initiatives and programs. Participating in an on-call rotation to provide 24x7x365 client incident coverage. Engaging in a variety of casework across public and corporate clients, with opportunities to broaden security awareness into testing and advisory projects, in addition to deepening incident response expertise. Flexible working practices to support wellbeing, with options to balance on-site and remote work. Qualifications

Direct experience working in an Incident Response or Digital Forensics team is strongly preferred; candidates with exposure to IR teams or roles with IR aspects will be considered. Fundamental understanding of computer systems and networks, including:

Windows systems (e.g., domain services, standard build templates, SCCM, PowerShell) Networking (firewall rules, network segmentation, DNS) Virtualization technologies (ESXi, Hyper-V) Endpoint Detection & Response solutions

Experience conducting forensic investigations, particularly on Windows systems; Linux and MacOS investigation experience is preferred. Understanding of core incident response workstreams, including containment and restoration/recovery, is a benefit. Critical and investigative mindset with the ability to solve problems with limited information and guidance. Knowledge of cyber threat actors and their TTPs. Strong communication skills, comfortable speaking to individuals at all levels of an organization. Certifications (or equivalent) such as GCFE, GCFA, GCIH, GNFA are preferred; beneficial certifications include EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+. Working proficiency in another language (e.g., Malay, Tamil, Mandarin, Cantonese, Vietnamese) is beneficial but not required. Must have permission to work in Malaysia by the start of employment. Benefits

20 days paid holiday each year, plus public holidays and additional leave accrual up to 5 days. Flexible working: minimum two days in the office per week; remote work option; flexible hours between 7am and 7pm. Pension scheme: EPF contributions in accordance with legislative requirements. Life insurance; company-paid private medical and dental insurance. Company-paid maternity, paternity and fertility treatment leave. Employee Assistance Programme: 24/7 access to specialist support services and resources. The role will be based in our office in Kuala Lumpur with flexible working arrangements available.

#J-18808-Ljbffr

Location: Malaysia (Kuala Lumpur), Hong Kong, Singapore

Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere. We are currently seeking a dynamic Lead Consultant (FortiGuard Incident Response) to contribute to the success of our rapidly growing business.

You will work directly with members of a world-class incident response and forensics team. Our team is comprised of individuals with strong knowledge in malware hunting and analysis, reverse engineering, multiple scripting languages, forensics and threat actors TTPs.

As a Lead Consultant (FortiGuard Incident Response), you will:

• Lead IR engagements and mentoring/training junior analysis.
• Continue to focus on process improvement for the customer-facing incident response services.
• Conduct host-based analysis and forensic functions on Windows, Linux, and Mac OS X systems.
• Review firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity.
• Leverage our FortiEDR Platform to conduct investigations to rapidly detect and analyze security threats.
• Perform basic reverse engineering of threat actor’s malicious tools.
• Develop complete and informative reports and presentations for both executive and technical audience.
• Availability during nights/weekends as needed for IR engagements.
• Perform memory forensics and file analysis as needed.
• Monitor underground forums, our FortiGuard Threat Labs, along with other open-source intelligence outlets to maintain proficiency in latest actor tactics and techniques.

We Are Looking For:

An insightful and influential collaborator to join our team. We encourage you to apply for this position if you have the following qualities:

• Experience with at least one scripting language: Shell, Ruby, Perl, Python, etc.
• Ability to data mine using YARA, RegEx or other techniques to identify new threats.
• Experience with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools a plus.
• Experience with malware analysis tools such as IDA Pro, OllyDbg, Immunity Debugger.
• Hands-on experience dealing with APT campaigns, attack Tactics, Techniques and Procedures (TTPs), memory injection techniques, static and dynamic malware analysis and malware persistence mechanism.
• Strong knowledge of operating system internals and endpoint security experience.
• Able to communicate with both technical and executive personnel.
• Static and dynamic malware and log analysis.
• Excellent written and verbal communication skills a must.
• Reading and writing skills of non-English languages such as Chinese and Russian a plus.
• Analysis of Linux and MAC binary files and the understanding of MAC internals is a plus but not required.
• Highly motivated, self-driven and able to work both independently and within a team.
• Able to work under pressure in time-critical situations and occasional nights and weekends work.
• A good understanding of Active Directory a plus.
• Bachelor’s Degree in Computer Engineering, Computer Science or related field.
• Or 10+ years’ experience with incident response and or Forensics.

Why Join Us:

At Fortinet, we embrace diversity and inclusivity. We encourage applications from diverse backgrounds and identities. Explore our welcoming work environment designed for a rewarding career journey with an attractive Total Rewards package to support you with your overall health and financial well-being. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.

We will only notify shortlisted candidates.

#J-18808-Ljbffr

about the company
You will be working for a major organisation within the finance industry

about the job

• Lead and manage all phases of cybersecurity incident response (containment, eradication, recovery).
• Develop and refine incident response plans, playbooks, and procedures.
• Oversee and conduct advanced digital forensic investigations (endpoints, servers, networks, cloud).
• Lead, mentor, and develop the CFIR team.
• Stay updated on cyber threats and vulnerabilities relevant to the financial sector.
• Communicate technical findings and reports to stakeholders (technical/non-technical, management, regulatory bodies).
• Evaluate, recommend, and implement CFIR tools and technologies.
• Ensure CFIR activities comply with internal policies, industry best practices, and BNM regulations.
• Lead post-incident reviews for continuous improvement.
• Collaborate with SOC, IT, legal, risk, and other departments.

about the package

• Salary up to RM15,000
• Must have working rights in Malaysia
• Performance bonus
• Allowances
• Medical and life insurance

skills

Cyber forensics, digital forensics, incident response, cybersecurity, IT security

qualifications

- 3-5 years hands on experience within Cyber Forensics and Incident Response

education

Associate Degree/Diploma

#J-18808-Ljbffr

Location: Malaysia (Kuala Lumpur), Hong Kong, Singapore Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere. We are currently seeking a dynamic Lead Consultant (FortiGuard Incident Response) to contribute to the success of our rapidly growing business. You will work directly with members of a world-class incident response and forensics team. Our team is comprised of individuals with strong knowledge in malware hunting and analysis, reverse engineering, multiple scripting languages, forensics and threat actors TTPs. As a Lead Consultant (FortiGuard Incident Response), you will:

Lead IR engagements and mentoring/training junior analysis. Continue to focus on process improvement for the customer-facing incident response services. Conduct host-based analysis and forensic functions on Windows, Linux, and Mac OS X systems. Review firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity. Leverage our FortiEDR Platform to conduct investigations to rapidly detect and analyze security threats. Perform basic reverse engineering of threat actor’s malicious tools. Develop complete and informative reports and presentations for both executive and technical audience. Availability during nights/weekends as needed for IR engagements. Perform memory forensics and file analysis as needed. Monitor underground forums, our FortiGuard Threat Labs, along with other open-source intelligence outlets to maintain proficiency in latest actor tactics and techniques. We Are Looking For:

An insightful and influential collaborator to join our team. We encourage you to apply for this position if you have the following qualities: Experience with at least one scripting language: Shell, Ruby, Perl, Python, etc. Ability to data mine using YARA, RegEx or other techniques to identify new threats. Experience with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools a plus. Experience with malware analysis tools such as IDA Pro, OllyDbg, Immunity Debugger. Hands-on experience dealing with APT campaigns, attack Tactics, Techniques and Procedures (TTPs), memory injection techniques, static and dynamic malware analysis and malware persistence mechanism. Strong knowledge of operating system internals and endpoint security experience. Able to communicate with both technical and executive personnel. Static and dynamic malware and log analysis. Excellent written and verbal communication skills a must. Reading and writing skills of non-English languages such as Chinese and Russian a plus. Analysis of Linux and MAC binary files and the understanding of MAC internals is a plus but not required. Highly motivated, self-driven and able to work both independently and within a team. Able to work under pressure in time-critical situations and occasional nights and weekends work. A good understanding of Active Directory a plus. Bachelor’s Degree in Computer Engineering, Computer Science or related field. Or 10+ years’ experience with incident response and or Forensics. Why Join Us:

At Fortinet, we embrace diversity and inclusivity. We encourage applications from diverse backgrounds and identities. Explore our welcoming work environment designed for a rewarding career journey with an attractive Total Rewards package to support you with your overall health and financial well-being. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe. We will only notify shortlisted candidates.

#J-18808-Ljbffr

Associate (Forensics Lead), Incident Response APAC

S-RM is seeking an Associate to work within the Cyber Security Team in Kuala Lumpur.

S-RM is a global intelligence and cyber security consultancy. Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges.

We’ve been able to do this because of our outstanding people. We’re committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn’t everything. It’s about the lives and careers it helps us build. We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day.

We’re excited you’re thinking about joining us.

The role

Our Incident Response Associates are a critical part of our Cyber Security division's success.

As a Forensics Lead on our Incident Response team, you will deploy your expertise in a delivery role across our various incident response services, with a particular focus on forensic investigations into complex cyber incidents.

You will work across the full lifecycle of security incidents to help our clients respond and recover, including:

• Supporting technical incident response from first contact through to closure: you will be a technical resource on response cases, deploying your own expertise, creating tailored strategies for response workstreams, and offering guidance to colleagues on your project team. You may also be supported by more senior technical team members where appropriate.

Overseeing host- and network-based incident response investigations: including triage, system recovery, technical evidence collection, and forensics, log, malware and root cause analyses.

• Developing and sharing domain expertise: we will support you in growing your cyber expertise, including sharing it with the wider team through internal initiatives and programs.
• Participating in an on-call rotation to provide 24x7x365 client incident coverage.

Other features of the role include:

• Variety of casework: no day will be the same. Our team responds to a huge variety of incidents for both public and corporate clients.
• Range of opportunities: you will have opportunities to broaden your security awareness into testing and advisory projects, in addition to deepening your incident response expertise.
• Flexible working practices: responding to incidents can be intense, high-pressure work. We are mindful of our team's work/life balance and offer flexible working options to support your wellbeing.

What we're looking for

• Direct experience working in an Incident Response or Digital Forensics team is strongly preferred; however, candidates with exposure to working with Incident Response teams, or those in roles reflecting aspects of Incident Response will be considered.
• A fundamental understanding of computer systems and networks, including:
  • Windows systems (e.g. Managing domains services, creating standard build templates, using SCCM, moderate PowerShell capabilities, etc.)
  • Networking (e.g. managing firewall rules, providing guidance around network segmentation, DNS, etc.)
  • Virtualisation technologies (e.g. ESXi, Hyper-V, etc.)
  • Endpoint Detection & Response solutions.
• The candidate must be able to demonstrate experience conducting forensic investigations, in particular relating to Windows systems. Additional experience conducting investigations into Linux and MacOS systems is preferred.
• Demonstrable understanding of core incident response workstreams, including containment and restoration/recovery is a benefit.
• A critical and investigative mindset. You should be comfortable solving problems with limited information and guidance, developing proportionate strategies to achieve timely outcomes.
• Clear demonstrable knowledge of cyber threat actors, and their tactics, techniques, and procedures.
• Strong communication skills. You should be comfortable speaking to people at all levels of an organization, from the board of directors to the technical teams.
• It is preferred, but not required, that candidates hold one of the following certifications (or equivalent) GCFE, GCFA, GCIH, GNFA. However, holding any of the following is beneficial: EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+
• A working proficiency in another language (such as Malay, Tamil, Mandarin, Cantonese, Vietnamese) is also beneficial, although not required.

The successful candidate must have permission to work in Malaysia by the start of their employment.

Benefits

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, including:

• 20 days paid holiday each year: in addition to public holidays, as well as 1 additional day of leave for every year you work at S-RM up to a maximum of 5 days.
• Flexible working: work a minimum of two days a week in the office and the remainder remotely, choose your hours between 7am and 7pm.
• Pension scheme: S-RM contributes to Employees Provident Fund (EPF) in accordance with legislative requirements.
• Life Insurance: help someone you love should something happen to you. (Further details coming soon.)
• Company-paid private medical and dental insurance. (Further details coming soon.)
• Company-paid maternity, paternity and fertility treatment leave.
• Employee Assistance Programme: free access to specialist support services, including counselling, as well as an online portal of useful articles, tips and tools. Available 24/7, 365 days a year.

The role will be based in our office in Kuala Lumpur. However, we have flexible working arrangements available.

Application Process

The application process includes:

• A preliminary call which will be a chance for you to find out more about S-RM and the role.
• First Interview – a remotely run skills focused interview.
• Second interview - a remotely run skills focused interview.
• An assessment – an incident response skill evaluation test.
• Final interview - a remotely run skills focused interview.

S-RM nurtures a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.

#J-18808-Ljbffr

Associate (Forensics Lead), Incident Response APAC

S-RM is seeking an Associate to work within the Cyber Security Team in Kuala Lumpur. S-RM is a global intelligence and cyber security consultancy. Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges. We’ve been able to do this because of our outstanding people. We’re committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success. But we also know that work isn’t everything. It’s about the lives and careers it helps us build. We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day. We’re excited you’re thinking about joining us. The role

Our Incident Response Associates are a critical part of our Cyber Security division's success. As a Forensics Lead on our Incident Response team, you will deploy your expertise in a delivery role across our various incident response services, with a particular focus on forensic investigations into complex cyber incidents. You will work across the full lifecycle of security incidents to help our clients respond and recover, including: Supporting technical incident response from first contact through to closure: you will be a technical resource on response cases, deploying your own expertise, creating tailored strategies for response workstreams, and offering guidance to colleagues on your project team. You may also be supported by more senior technical team members where appropriate. Overseeing host- and network-based incident response investigations: including triage, system recovery, technical evidence collection, and forensics, log, malware and root cause analyses. Developing and sharing domain expertise: we will support you in growing your cyber expertise, including sharing it with the wider team through internal initiatives and programs. Participating in an on-call rotation to provide 24x7x365 client incident coverage. Other features of the role include: Variety of casework: no day will be the same. Our team responds to a huge variety of incidents for both public and corporate clients. Range of opportunities: you will have opportunities to broaden your security awareness into testing and advisory projects, in addition to deepening your incident response expertise. Flexible working practices: responding to incidents can be intense, high-pressure work. We are mindful of our team's work/life balance and offer flexible working options to support your wellbeing. What we're looking for

Direct experience working in an Incident Response or Digital Forensics team is strongly preferred; however, candidates with exposure to working with Incident Response teams, or those in roles reflecting aspects of Incident Response will be considered. A fundamental understanding of computer systems and networks, including:

Windows systems (e.g. Managing domains services, creating standard build templates, using SCCM, moderate PowerShell capabilities, etc.) Networking (e.g. managing firewall rules, providing guidance around network segmentation, DNS, etc.) Virtualisation technologies (e.g. ESXi, Hyper-V, etc.) Endpoint Detection & Response solutions.

The candidate must be able to demonstrate experience conducting forensic investigations, in particular relating to Windows systems. Additional experience conducting investigations into Linux and MacOS systems is preferred. Demonstrable understanding of core incident response workstreams, including containment and restoration/recovery is a benefit. A critical and investigative mindset. You should be comfortable solving problems with limited information and guidance, developing proportionate strategies to achieve timely outcomes. Clear demonstrable knowledge of cyber threat actors, and their tactics, techniques, and procedures. Strong communication skills. You should be comfortable speaking to people at all levels of an organization, from the board of directors to the technical teams. It is preferred, but not required, that candidates hold one of the following certifications (or equivalent) GCFE, GCFA, GCIH, GNFA. However, holding any of the following is beneficial: EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+ A working proficiency in another language (such as Malay, Tamil, Mandarin, Cantonese, Vietnamese) is also beneficial, although not required. The successful candidate must have permission to work in Malaysia by the start of their employment. Benefits

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, including: 20 days paid holiday each year: in addition to public holidays, as well as 1 additional day of leave for every year you work at S-RM up to a maximum of 5 days. Flexible working: work a minimum of two days a week in the office and the remainder remotely, choose your hours between 7am and 7pm. Pension scheme: S-RM contributes to Employees Provident Fund (EPF) in accordance with legislative requirements. Life Insurance: help someone you love should something happen to you. (Further details coming soon.) Company-paid private medical and dental insurance. (Further details coming soon.) Company-paid maternity, paternity and fertility treatment leave. Employee Assistance Programme: free access to specialist support services, including counselling, as well as an online portal of useful articles, tips and tools. Available 24/7, 365 days a year. The role will be based in our office in Kuala Lumpur. However, we have flexible working arrangements available. Application Process

The application process includes: A preliminary call which will be a chance for you to find out more about S-RM and the role. First Interview – a remotely run skills focused interview. Second interview - a remotely run skills focused interview. An assessment – an incident response skill evaluation test. Final interview - a remotely run skills focused interview. S-RM nurtures a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.

#J-18808-Ljbffr

Turnkey provides consulting and managed services in the areas of Identity and Access Management, Risk and Controls Management and Application/Cyber Security for corporations predominantly running SAP software. We deliver consulting and application support services within this specialised niche to customers regardless of their size or industry, helping them to minimise their business risks with appropriate controls throughout their day to day and critical business transactions.

We are an established and fast-growing company with a culture of personal responsibility, knowledge sharing and a commitment to putting our clients at the centre of everything that we do. Founded in the UK in 2004, we have gone on to establish ourselves as a truly global organisation with offices in Australia, Germany, the US, Malaysia, Singapore and France.

Our aim is to ensure that all our clients can achieve the fine balance between business enablement and security.We do this through having the strongest team in the business, providing a unique insight into security and risk management best practice.

Our daily tasks vary significantly throughout the team; however, the focus remains on delivering often highly technical solutions that help our clients improve their security and controls posture. This might include analysing granular details such as user access within a set of systems, providing new data protection measures, or drawing solutions from data sets.

In joining our team, you can expect to be working on challenging projects across a wide range of global clients (e.g. FTSE 100) and industries. The nature of projects will be diverse and will vary across the categories of advisory, assurance, managed services and system implementation. Whilst being actively engaged on solving business problems, our core practice remains specialised in technical solutions for our clients.

About You

We are looking for independent, proactive and ambitious individuals who are committed to making a meaningful contribution to Turnkey. While an Information Security background would be advantageous, intellectual curiosity and a can-do attitude is more important than the subject of your degree. If you appreciate attention to detail, utilising data to inform decisions, and working on projects alongside a range of clients, then this is an excellent opportunity for you.

Our training programme is designed to equip you with a broad set of skills that will help you to excel in your consultancy career with us. Although the role has a technical bias, we expect to build your technical skills throughout the scheme, so no existing technical knowledge is required to apply.

What to expect in your first twelve months:

• An initial immersive training schedule to introduce you to our strategic practice pillars and provide an understanding of the technical aspects fundamental to this role

• We will then aim to place you on projects across the strategic service lines as soon as possible after completing initial training, where the more senior delivery team will provide continued support

• Throughout your first year, you will be encouraged to complete soft skills training and be mentored to develop these skills further, with the expectation of gaining certification within twelve months of joining

• After twelve months, you can expect to be aligned to one of our strategic practices, giving you the opportunity to work towards a more technically focussed and specialised certification in your second year.

Key attributes we are looking for are:

• Excellent communication skills (written and verbal)

• Ability to build enduring relationships

• Analytical skills to investigate and solve complex problems in a structured manner

• Ability to explain technical concepts clearly and concisely

• Flexibility to work on multiple different types of projects

• Confidence to ask questions and contribute

• Initiative - always looking for better ways of doing things

• An Honours Degree in any discipline

• Ideally an understanding of basic networking and operating systems (e.g. windows or linux) would be desirable but not necessary

• An inquisitive mind capable of considering the unintended opportunities for disruption and consequences of security gaps

Your responsibilities will include:

• Working with a range of clients on multidisciplinary projects

• Working on our managed service engagements to deliver improvements and enhancements to our customers’ ongoing business operations

• Supporting application/solution implementation including definition of relevant master data requirements

• Critical analysis of information to validate solution adherence to requirements, including various application testing techniques

• Coordination of activities with clients and team members to deliver project tasks to the required quality standards

• Analysing data to drive decision-making and help in providing the best solutions to our clients

• Internally you will be involved in operational and practice-development activities which may include marketing, HR, events or managing team social calendars

#J-18808-Ljbffr