As a Cloud Incident Response Consultant, you will be responsible for delivering both reactive and proactive services engagements in the Asia Pacific and Japan region. As the Leading consultant for cloud Incident response engagements, you will be responsible for assisting our clients in identifying, responding to, and containing attacker activity in their AWS, Azure, and/or GCP environments, as well as improving the team’s incident response capabilities by contributing to and spearheading automation projects.
You will be a member of a highly collaborative industry leading team that thrives on the daily challenges of stopping breaches from the world's most sophisticated adversaries. This is an individual contributor, senior technical consulting role that requires hands-on technical expertise and ability to communicate effectively with both technical and business stakeholders. This person should be capable of supporting, managing, and mentoring less experienced team members.
The right candidate will possess excellent energy and drive and a real desire to help organisations respond to security incidents. The ability to work in a high stress, high pressure situation is a must as well as the ability to work together with the team around the APJ region. Candidates with a consulting background in cloud forensics, incident response, and cyber security are encouraged to apply.
What You'll Do:
Lead cloud incident response engagements.
Manage projects and perform forensic analysis on incident response engagements involving Azure, AWS, or GCP data
Manage projects and perform analysis on technical assessments looking for evidence of compromise and/or security misconfigurations in Azure, M365, AWS, or GCP
Manage projects and deliver adversary simulation (purple team) exercises in Azure, AWS and GCP.
Advise organizations while they respond to threat actor activity targeting cloud environment.
Produce high-quality written and verbal reports, presentations, recommendations, and findings to customer management.
Present technical material to non-technical and technical audiences
Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.
What You'll Need:
Understanding of how security is applied in the major three cloud platforms, AWS, Azure and GCP.
Knowledge of AWS, Azure, or GCP incident response methodologies
Familiarity with how modern workloads work in the cloud - DevOps, CICD pipelines, containers, functions, etc. and related security defences and pitfalls
Understanding of Cloud Based attacks and tactics used by the Threat Actors to target the three major cloud platforms
Knowledge of evidence availability in Cloud and understanding to acquire and perform analysis on the same
Exceptional written and oral communication skills. Ability to write and present technical content, including being able to present to senior executives
Following certifications preferred but not required GIAC Cloud Forensics Responder (GCFR) or similar
