Cybersecurity DFIR Specialist (Forensics/Incident Response)

Location Singapore
Job reference BBBH98445_1617618282
Salary Negotiable
Consultant name Sombilla Arvin Clark Sikat
Consultant email
Consultant contact no. 65515581
EA License No. 02C3423
Consultant Registration No. R1222536

Primary Responsibilities

  • Establish the company's cybersecurity incident response capability, initially in Singapore, but eventually across the business footprint.
  • Lead and/or act as the primary technical expert in cybersecurity incident response investigations.
  • Stay current with the latest cybersecurity threat landscape and how developments in threat actors could bring harm to policyholders.
  • For clients/policyholders, actively recommend and execute cybersecurity hygiene and other actions to evade, build immunity and preempt cyber-attacks.
  • Identify and validate breached and compromised systems and take action to stop attacks from spreading across the client infrastructures.
  • Conduct forensic investigations to identify and document data, resources, processes, and people compromised via cybersecurity incidents and recommend actions to repair, restore, cleanse, or compensate affected assets, persons, or organizations.

Secondary Responsibilities

  • Build a personal reputation within the company and its partners as a highly credible, trusted expert whose advice and counsel should be heeded and acted upon with thoroughness and urgency.
  • Develop the capability to produce (i) a regular cybersecurity threat and incident review; (ii) a periodic threat intelligence digest, that can be understood by non-technical persons and/or legal and compliance managers with minimal editing and up leveling.
  • Assist clients in preparing contingency plans and checklists designed to expedite diagnosis and effective response to cybersecurity incidents and compromises.
  • Evaluate, advise, and make recommendations for acquisition of IT and cybersecurity products and services.
  • Reasonably maintain 24x7 personal availability to respond to cybersecurity incidents and emergencies.


  • At least eight (8) years of experience in front line cybersecurity roles.
  • Bachelor's or Master's degree in computer science, electronic engineering, or equivalent subject areas with formal coursework or training in cybersecurity, digital forensics, and/or data protection.
  • Current holder of CISSP (Certified Information Systems Security Professional) and/or GIAC (Global Information Assurance Certification, such as GCIH or GCFA) - or equivalent. Additional cybersecurity-related certifications are advantageous.
  • Familiarity with legal and/or compliance requirements related to cybersecurity incident response and reporting.
  • Expert knowledge of tools and techniques used to conduct of disk forensics, network forensics, log analysis and malware triage in support of incident response examinations.
  • Recognize the tactics, technique, and procedures (TTP) of threat actors and able to develop scripts and create tools for quick identification of threat agents in a compromised network.
  • Ability to quickly develop intimate knowledge of physical computing assets, software, and third party (i.e. "IaaS, PaaS and SaaS") services deployed and consumed at client premises and their potential points of compromise and failure.
  • Front line experience working with teams and programs in organizations of scale and business focus.
  • Ability to help with scoping prospective engagements, leading a complete incident lifecycle (i.e. Preparation, Detection & Analysis, Containment Eradication & Recovery, Post-Incident Activity) for all levels of clients.
  • Ability to communicate highly technical, actionable information and develop reports to audiences ranging from technically astute peers to non-technical business managers, legal counsel and leaders (including C-Suite level persons).
  • Maintains social, ethical, professional, and organizational standards and values, always honors commitments.

Arvin Clark Sikat, Sombilla EA License No.: 02C3423 Personnel Registration No.: R1222536

Please note that your response to this advertisement and communications with us pursuant to this advertisement will constitute informed consent to the collection, use and/or disclosure of personal data by ManpowerGroup Singapore for the purpose of carrying out its business, in compliance with the relevant provisions of the Personal Data Protection Act 2012. To learn more about ManpowerGroup's Global Privacy Policy, please visit