Technical Consulting Senior Engineer

I.                    PURPOSE

To accomplish all assigned tasks by the management in a timely and effective manner as deemed necessary for the betterment of the organization as a whole.

II.                  DUTIES AND RESPONSIBILITIES

• Assist the Technical Consulting Manager and provide mentorship and guidance to engineers.
• Evaluate, recommend, and implement new tools and technologies to enhance the team’s capabilities.
• Perform initial review on reports and documentation generated by the engineers.
• Ensure the execution of services within the allocated budget hours or parameters defined by the Service Level Agreement.
• Obtain professional certifications and actively participate in relevant training sessions related to the provided services.
• Deliver high-quality services to clients with the goal of ensuring customer satisfaction.

A.    Vulnerability Assessment and Penetration Testing

• Plan and execute Vulnerability Assessment (VA), Vulnerability Management (VM), Vulnerability Assessment and Penetration Testing (VAPT), Phishing Simulation, and Red Teaming activities.
• Evaluate the effectiveness of existing security controls and provide recommendations for improvements.
• Simulate real-world cyber-attacks to identify potential weaknesses.
• Prepare detailed reports on findings, and recommended remediation strategies.
• Communicate findings to technical and non-technical stakeholders in a clear and understandable manner.
• Work closely with cross-functional teams to integrate security best practices into development and operational processes.
• Collaborate with IT teams, developers, and system administrators to address and resolve security issues.
• Stay informed about the latest security threats, vulnerabilities, and industry best practices.

B.    Digital Forensics and Incident Response

• Conduct advanced digital forensics investigations on various digital devices, including computers, servers, mobile devices, and network equipment.
• Utilize industry-standard forensic tools and techniques to acquire, analyze, and preserve digital evidence.
• Lead and coordinate incident response efforts during cybersecurity incidents, including data breaches, malware infections, and unauthorized access.
• Develop and implement incident response plans to contain and eradicate security incidents effectively.
• Collaborate with cross-functional teams to minimize the impact of incidents, providing guidance on corrective actions.
• Prepare detailed and well-documented reports outlining findings, methodologies, and recommendations.
• Contribute to post-incident reports, sharing insights and lessons learned for continuous improvement.

III.                QUALIFICATIONS

A.    Minimum Education

• College Graduate or Diploma holder of any computer-related course.
• Preferably a degree in Information Technology, Engineering, or a related field.

B.    Minimum Experience/Training

• 2 years+ experience working in Vulnerability Assessment and Penetration Testing, Red Teaming or Security Operations particularly in Digital Forensics and Incident Response.
• Knowledge of ITIL, Infrastructure related technologies & understanding of business relevance of the technologies
• Experience working with IT systems and software related to Vulnerability Assessment and Penetration Testing, or Digital Forensics and Incident Response.

C.    Competency

• Effective team player with collaborative skills, capable of analyzing substantial technical data in a fast-paced environment.
• Strong problem-solving abilities, analytical skills, and effective time management.
• Positive, energetic, and enthusiastic demeanor with keen attention to detail.
• Excellent multitasking and task prioritization skills.
• Self-motivated, proactive, and customer-centric in approach.
• Quick learner with adaptability to dynamic working environments.
• Capacity to exercise judgment in high-pressure situations with minimal external guidance.
• Broad knowledge of cybersecurity and privacy principles.
• Familiarity with computer networking concepts, protocols, and security methodologies.
• Understanding of laws, regulations, policies, and ethics relevant to cybersecurity and privacy.
• Proficiency in risk management processes, encompassing methods for assessing and mitigating risk.
• Familiarity with cyber threats, vulnerabilities, and the operational impacts of cybersecurity lapses.
• Knowledge of traffic flows across the network, encompassing Transmission Control Protocol (TCP), Internet Protocol (IP), Open System Interconnection Model (OSI), and Information Technology Infrastructure Library (ITIL).
• Awareness of application vulnerabilities and system/application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Ability to perform penetration testing on network devices, servers, workstations, APIs, Web and Mobile Applications.
• Skills in conducting vulnerability assessment, vulnerability management, phishing simulation, and red teaming activities.
• Knowledge of programming language structures and logic, including the ability to apply programming language structures (e.g., source code review) and logic.
• Understanding of MITRE ATT&CK Framework and NIST SP800-61.
• Skills in identifying, capturing, containing, and reporting malware.
• Familiarity with designing incident response procedures.
• Understanding of investigative implications related to hardware, operating systems, and network technologies.
• Proficiency in data carving tools and techniques, with awareness of anti-forensics tactics, techniques, and procedures.
• Comprehensive knowledge of processing digital forensic data and reverse engineering concepts.
• Proficiency in malware analysis tools and binary analysis.
• Competence in preserving evidence integrity according to standard operating procedures or national standards.
• Skills in using digital forensics tools and conducting forensic analyses in multiple operating system environments.

D.    TRAININGS & CERTIFICATIONS (is a plus)

• CompTIA Network+, Security+
• EC-Council CEH, ECIH, CHFI, CSA, CTIA, ECSA, LPT, CPENT
• eLearnSecurity eJPT, eCPPT, eCPTx, eWAPT, eMAPT, eCIR, eCDFP, any other related certifications

IV.                WORKING CONDITIONS

• Probationary for 6 months
• Personal and professional development (certified training, on-the-job coaching & mentoring, career progression support)
• Shifting & Reporting to Office (will be WFH if advised by the management)
• Possible to work on extended hours
• On-call Duty