Associate (Forensics Lead), Incident Response
Overview
S-RM, Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia
The role focuses on forensic investigations within our Incident Response team, providing delivery-focused support across incident response services and complex cyber incidents.
Responsibilities
- Supporting technical incident response from first contact through to closure: act as a technical resource on response cases, deploying expertise, creating tailored strategies for response workstreams, and guiding project colleagues as needed.
- Overseeing host- and network-based incident response investigations: triage, system recovery, technical evidence collection, and forensics, log, malware and root cause analyses.
- Developing and sharing domain expertise: grow cyber expertise and share it with the wider team through internal initiatives and programs.
- Participating in an on-call rotation to provide 24x7x365 client incident coverage.
- Engaging in a variety of casework across public and corporate clients, with opportunities to broaden security awareness into testing and advisory projects, in addition to deepening incident response expertise.
- Flexible working practices to support wellbeing, with options to balance on-site and remote work.
Qualifications
- Direct experience working in an Incident Response or Digital Forensics team is strongly preferred; candidates with exposure to IR teams or roles with IR aspects will be considered.
- Fundamental understanding of computer systems and networks, including:
  - Windows systems (e.g., domain services, standard build templates, SCCM, PowerShell)
  - Networking (firewall rules, network segmentation, DNS)
  - Virtualization technologies (ESXi, Hyper-V)
  - Endpoint Detection & Response solutions
- Experience conducting forensic investigations, particularly on Windows systems; Linux and macOS investigation experience is preferred.
- Understanding of core incident response workstreams, including containment and restoration/recovery, is a benefit.
- Critical and investigative mindset with the ability to solve problems with limited information and guidance.
- Knowledge of cyber threat actors and their TTPs.
- Strong communication skills, comfortable speaking to individuals at all levels of an organization.
- Certifications (or equivalent) such as GCFE, GCFA, GCIH, GNFA are preferred; beneficial certifications include EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+.
- Working proficiency in another language (e.g., Malay, Tamil, Mandarin, Cantonese, Vietnamese) is beneficial but not required.
- Must have permission to work in Malaysia by the start of employment.
Benefits
- 20 days paid holiday each year, plus public holidays and additional leave accrual up to 5 days.
- Flexible working: minimum two days in the office per week; remote work option; flexible hours between 7am and 7pm.
- Pension scheme: EPF contributions in accordance with legislative requirements.
- Life insurance; company-paid private medical and dental insurance.
- Company-paid maternity, paternity and fertility treatment leave.
- Employee Assistance Programme: 24/7 access to specialist support services and resources.
The role will be based in our office in Kuala Lumpur with flexible working arrangements available.
Information :
- Company : S-RM
- Position : Associate (Forensics Lead), Incident Response
- Location : Kuala Lumpur, Kuala Lumpur
- Country : MY
Post Date : 2025-09-22 | Expired Date : 2025-10-22