Forensic Technology - Cyber Response

**Responsibilities**

- Conduct cyber forensic investigations and electronic discovery requests for legal and corporate clients.
- Perform digital forensic evidence collection throughout the incident response phases, extensive log analysis and metadata analysis.
- Perform operating system and hard drive digital forensic evidence analysis.
- Analyze results from tools and determine indicators of compromise (IOCs), root cause of compromise, possible attack vectors, potential threat actors and the overall risk/threat the client is facing.
- Provide recommendations and advise on steps to mitigate the current attack, present risks, remediate the potentially vulnerable environment and remove the possibility of ongoing/future attacks.
- Analyze results of assessments and create technically accurate and articulate reports in professional business language, to be shared with technical stakeholders, executive stakeholders and potentially third parties.
- Implement and manage SIEM/SOAR platform.
- Support other forensic team members including fraud investigation, eDiscovery and data analytics.

**Qualifications**

- 1-4 years of experience in Information Technology with at least 1 year in security operations (4-6 years for Assistant Manager).
- Bachelor's degree or higher in Computer Forensics, Cyber Security, Computer Science, Information Systems, or Information Technology related fields.
- Proficient knowledge of overall IT infrastructure, including operating systems; information systems security; network architecture; hardware and software troubleshooting.
- Basic understanding of cyber security frameworks (MITRE ATT&CK, NIST, SANS, etc.).
- Broad knowledge of Security Operation Center (SOC), Security Information and Event Management (SIEM), threat actors and techniques used to compromise organizations.
- Good knowledge of scripting languages, e.g., PowerShell, Python, SQL.
- Familiarity with forensic imaging tools (EnCase, FTK, Cellebrite, Paladin, etc.) and eDiscovery tools (Intella, NUIX, Relativity, etc.) is a plus.
- Capable of working independently to solve problems under deadlines and to manage multiple projects/priorities under time constraints.
- Ability to independently undertake moderate domestic/overseas travel at short notice.
- Proficiency in spoken and written English and Thai.
- Beneficial certificates: GCFE, GCFA, GCIH, EnCE, CFSR, CISSP, Security+ and CySA+.

Information :

  • Company : KPMG
  • Position : Forensic Technology - Cyber Response
  • Location : Bangkok
  • Country : TH


Post Date : 2025-06-20 | Expired Date : 2025-07-20