Job Description

:

Get to know our Digital Bank team:

Grab is leading a consortium for Digital Bank license and to build a bank with the right foundation - using data, technology and trust to solve problems and serve customers. We have big dreams to unlock and financial inclusion for people in our region is just one. If you have what it takes, help build our new Digibank with us.

Get to know the Role:

Lead and coordinate the investigation effort for cyber security incidents from initial escalation through after-action reporting.

Accountable to lead the response effort for security incidents including review of alert post-escalation, investigation of the incident, containment of the threat, and remediation of issues leading to the threat.

Conduct live response analysis, network analysis, log analysis, and malware triage in support of incident response investigation

Effectively communicate investigative progress, findings, opportunities and challenges to Incident Management team

Manage intake of incidents and reports from Security Operations Center and respective stakeholders using the internal case management system in a timely and accurate manner.

Serve as Subject Matter Expert for cyber security incidents in meetings with internal and external teams.

The must haves:

Bachelor's degree in a related area.

Relevant Security or Technical certifications including but not limited to (ISC)2 , SANS, OSCP.

Knowledge or experience with Cyber Incident Management programs.

Minimum 4 years of Enterprise Incident Response and/or Security Operations Centre experience.

Functional knowledge of Cyber Security and Incident Response foundations, theory, terminology (Kill Chain, TTPs, APT, Threat Hunting)

Operational experience with Splunk, ELK/Elastic, or similar log aggregation and log analysis platforms.

Familiar with Cloud technologies (e.g. AWS, GCP, Azure)

Breach Incident Response Experience (Scoping, Sweeping, Containment, Remediation Planning).

Ability to work independently on a variety of assignments with minimal supervision.

Programming/scripting experience is an asset.

Unix/Linux and Windows System Administration experience.

Knowledge of / experience with enterprise security tools.

Malware, Network, Web, and Forensic analysis skills.