Technical Consulting Senior Engineer | CS

I. PURPOSE

To accomplish all assigned tasks by the management in a timely and effective manner as deemed necessary for the betterment of the organization as a whole. 

II.    DUTIES AND RESPONSIBILITIES

•    Assist the Technical Consulting Manager and provide mentorship and guidance to engineers.
•    Evaluate, recommend, and implement new tools and technologies to enhance the team’s capabilities.
•    Perform initial review on reports and documentation generated by the engineers.
•    Ensure the execution of services within the allocated budget hours or parameters defined by the Service Level Agreement.
•    Obtain professional certifications and actively participate in relevant training sessions related to the provided services.
•    Deliver high-quality services to clients with the goal of ensuring customer satisfaction.

Vulnerability Assessment and Penetration Testing
•    Plan and execute Vulnerability Assessment (VA), Vulnerability Management (VM), Vulnerability Assessment and Penetration Testing (VAPT), Phishing Simulation, and Red Teaming activities.
•    Evaluate the effectiveness of existing security controls and provide recommendations for improvements.
•    Simulate real-world cyber-attacks to identify potential weaknesses.
•    Prepare detailed reports on findings, and recommended remediation strategies.
•    Communicate findings to technical and non-technical stakeholders in a clear and understandable manner.
•    Work closely with cross-functional teams to integrate security best practices into development and operational processes.
•    Collaborate with IT teams, developers, and system administrators to address and resolve security issues.
•    Stay informed about the latest security threats, vulnerabilities, and industry best practices.

Digital Forensics and Incident Response
•    Conduct advanced digital forensics investigations on various digital devices, including computers, servers, mobile devices, and network equipment.
•    Utilize industry-standard forensic tools and techniques to acquire, analyze, and preserve digital evidence.
•    Lead and coordinate incident response efforts during cybersecurity incidents, including data breaches, malware infections, and unauthorized access.
•    Develop and implement incident response plans to contain and eradicate security incidents effectively.
•    Collaborate with cross-functional teams to minimize the impact of incidents, providing guidance on corrective actions.
•    Prepare detailed and well-documented reports outlining findings, methodologies, and recommendations.
•    Contribute to post-incident reports, sharing insights and lessons learned for continuous improvement.

III.    QUALIFICATIONS

Minimum Education
•    College Graduate or Diploma holder of any computer-related course.
•    Preferably a degree in Information Technology, Engineering, or a related field.

Minimum Experience/Training 
•    2 years+ experience working in Vulnerability Assessment and Penetration Testing, Red Teaming or Security Operations particularly in Digital Forensics and Incident Response.
•    Knowledge of ITIL, Infrastructure related technologies & understanding of business relevance of the technologies
•    Experience working with IT systems and software related to Vulnerability Assessment and Penetration Testing, or Digital Forensics and Incident Response.

E.    Competency 
•    Effective team player with collaborative skills, capable of analyzing substantial technical data in a fast-paced environment.
•    Strong problem-solving abilities, analytical skills, and effective time management.
•    Positive, energetic, and enthusiastic demeanor with keen attention to detail.
•    Excellent multitasking and task prioritization skills.
•    Self-motivated, proactive, and customer-centric in approach.
•    Quick learner with adaptability to dynamic working environments.
•    Capacity to exercise judgment in high-pressure situations with minimal external guidance.
•    Broad knowledge of cybersecurity and privacy principles.
•    Familiarity with computer networking concepts, protocols, and security methodologies.
•    Understanding of laws, regulations, policies, and ethics relevant to cybersecurity and privacy.
•    Proficiency in risk management processes, encompassing methods for assessing and mitigating risk.
•    Familiarity with cyber threats, vulnerabilities, and the operational impacts of cybersecurity lapses.
•    Knowledge of traffic flows across the network, encompassing Transmission Control Protocol (TCP), Internet Protocol (IP), Open System Interconnection Model (OSI), and Information Technology Infrastructure Library (ITIL).
•    Awareness of application vulnerabilities and system/application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
•    Ability to perform penetration testing on network devices, servers, workstations, APIs, Web and Mobile Applications.
•    Skills in conducting vulnerability assessment, vulnerability management, phishing simulation, and red teaming activities. 
•    Knowledge of programming language structures and logic, including the ability to apply programming language structures (e.g., source code review) and logic.
•    Understanding of MITRE ATT&CK Framework and NIST SP800-61.
•    Skills in identifying, capturing, containing, and reporting malware.
•    Familiarity with designing incident response procedures.
•    Understanding of investigative implications related to hardware, operating systems, and network technologies.
•    Proficiency in data carving tools and techniques, with awareness of anti-forensics tactics, techniques, and procedures.
•    Comprehensive knowledge of processing digital forensic data and reverse engineering concepts.
•    Proficiency in malware analysis tools and binary analysis.
•    Competence in preserving evidence integrity according to standard operating procedures or national standards.
•    Skills in using digital forensics tools and conducting forensic analyses in multiple operating system environments.

TRAININGS & CERTIFICATIONS (is a plus)
•    CompTIA Network+, Security+
•    EC-Council CEH, ECIH, CHFI, CSA, CTIA, ECSA, LPT, CPENT 
•    eLearnSecurity eJPT, eCPPT, eCPTx, eWAPT, eMAPT, eCIR, eCDFP, 
•    any other related certifications

IV. WORKING CONDITIONS

•    Probationary for 6 months  
•    Personal and professional development (certified training, on-the-job coaching & mentoring, career progression support)
•    Shifting & Reporting to Office (will be WFH if advised by the management)
•    Possible to work on extended hours
•    On-call Duty