Job Description

About the role
Enhance Changi Airport Group (CAG)\'s cyber resilience as a Cyber Threat Investigator who will proactively identify early signs of potential cyber intrusion and rigorously investigate potential security breaches.This role reports to the Team Lead of the Cyber Intelligence and Resilience (CIR) team under the Cybersecurity & Digital Governance (CDG) division.What does work in this role look like?You will be expected to \xe2\x80\xa6Incident Response

• Collaborate with various stakeholders to ensure expedited resolution of security incidents, including the conducting of root cause analysis and assisting in the after-action review.
• Facilitate cyber exercises and tabletop simulations to refine procedures and sustain operational alertness.
• Contribute to the creation of cyber exercises and tabletop simulations to replicate realistic threat scenarios.

Digital Forensics

• Conduct digital forensics investigations as required.
• Develop and maintain incident response plans and playbooks.
• Collaborate with our Cyber Threat Intelligence (CTI) analyst to deliver reports in multiple formats, ranging from routine update emails to comprehensive technical investigation reports, as per stakeholder requests.

Threat Hunting

• Proactively threat hunt for potential cyber intrusion.
• Formulating threat hunting hypotheses, documenting the outcomes, and presenting task status reports to stakeholders; and
• Contributing to the development of detection rules and use cases to enhance threat detection and monitoring capabilities.

Other General Duties

• Offer expert advice on investigations and threat assessment as needed.
• Collaborate with our CTI analyst to conduct research on new and different Tactics, Techniques and Procedures (TTP) for different threat groups.
• Stay up to date with the latest cybersecurity threats and industry best practices.

Who will make a good fit for this role?Someone with...

• Bachelor\'s Degree in Cybersecurity or equivalent, preferably specialising in digital forensics OR have worked for at least two years in the field of digital forensics. Having experience in dealing with digital intrusions will be advantageous.
• Ability to communicate technical events and analysis to non-technical audiences.
• Ability to work independently under pressure and remain calm while conducting investigations during incidents.
• Good communication, teamwork and interpersonal skills
• Strong problem solving, analytical, and technical skills.
• Excellent documentation skills.

Ideally, you will also have...

• Achieved or are in the progress of working towards digital forensics, threat hunting and/or incident response related certifications such as EnCE, Security Blue Team Level 1, CHFI or related certifications.

Changi Airport Group