Crypto.com is hiring a Web3 Cyber Incident Response and Intrusion Forensics Team (CIRIFT) Senior Manager
Compensation: $71k - $100k estimated
Location: United States
About Crypto.com:
Crypto.com was founded in 2016 on a simple belief: it's a basic human right for everyone to control their money, data and identity. With over 10+ million users on its platform today, Crypto.com provides a powerful alternative to traditional financial services, turning its vision of "cryptocurrency in every wallet" into reality, one customer at a time. Crypto.com is built on a solid foundation of security, privacy and compliance and is the first cryptocurrency company in the world to have ISO27001:2013 and PCI:DSS 3.2.1, Level 1 compliance. Crypto.com is headquartered in Singapore with a 3,500+ strong team.
For more information, please visit www.crypto.com.
As part of the CIRIFT at Crypto.com, you will have to be highly competent and experienced in responding to and managing cyber security incidents throughout the cycle - from Preparation to Identification, Containment, Eradication, Recovery and Lessons Learnt - along with other incident responders around the globe.
You will apply all of your skills in cyber defense, digital forensics, log analysis, intrusion analysis and any related areas to respond to security incidents on our endpoints, network, and cloud infrastructure. In this role, you will carry out prevention, detection, response and remediation activities to ensure information assets and technologies are adequately protected, using technologies such as NGFW, EDR, IDS/IPS, DLP and more. You will also apply your collaboration and communication skills to work effectively with all relevant stakeholders in multicultural/global environments.
Responsibilities
Report directly to the Head of Incident Response to facilitate all phases in the incident response lifecycle.
Preparation
Understand different regulatory and compliance requirements like critical time to report, escalation flows, etc.
Take part in self-assessment exercises like Tabletop Exercises, Attack Simulations, Red/Purple Team exercises to make sure the incident response process is working smoothly
Develop incident response runbooks, playbooks and SOPs with reference to different regulatory requirements
Evaluate the incident response readiness of different layers - people, process, technology
Detection & Analysis
Respond to the cyber security incidents escalated from various channels including the 24/7 SOC team.
Respond to cyber security incidents in compliance with the local authority / regulatory requirements.
Assess the risk, impact and scope of the identified security threats
Perform deep-dive incident analysis of various data sources by analyzing and investigating security related logs against medium-term threats and IOCs
Containment, Eradication and Recovery
Communicate with the stakeholders and provide guidance and recommendations to contain and eradicate the security incident
Participate in root cause analysis using forensic and other custom tools to identify any sources of compromise and/or malicious activities taking place.
Document and present investigative findings for high profile events and other incidents of interest.
Post incident activities
Hold lessons learnt meetings with the stakeholders
Lead and keep track of the follow-up activities
Document the incident in the case management system and provide incident reports
Always ready to jump in, in the event of security incidents.
Requirements
At least 8 years of experience in the Cyber Security industry
3+ years of incident response experience
Excellent understanding of the cyber security incident response process
Hands-on experience in performing incident response activities
Strong technical forensic analysis skills for RCA, post-mortem, and lessons learned
Have scripting experience (e.g. Bash, PowerShell, Python, Go) and the ability to use these skills to aid in responding to incidents involving Windows, Linux, macOS, as well as cloud environments
Have experience writing procedural documentation (playbooks and runbooks)
Have experience with cybersecurity tools and software like NGFW, EDR, IDS/IPS, DLP, SIEM, other log management platforms, etc.
Be familiar with the MITRE ATT&CK Framework and/or Cyber Kill Chain
Be passionate about exploring new technologies and show creative initiative to boost the team's capabilities
Holding security related certifications is a plus (e.g. CISSP, GCIH, GCIA, GCFA, GNFA, GREM, or other equivalent)
Knowledge of regulatory and compliance requirements like GDPR, MAS, PSD2, etc. is a plus.
Preferred:
A strong team player who can collaborate with compassion
Passionate about learning about blockchain, with a positive attitude
Understand the concept of ownership and accountability, coupled with a sense of urgency and prioritization
Maturity in handling incidents and managing relevant senior and technical stakeholders
Possess business acumen/mindset (not only technical) when making critical decisions
Benefits
What can you expect from us?
We offer an attractive compensation package working in a cutting-edge field of Fintech.
Huge responsibilities from Day 1. Be the owner of your own learning curve.
The possibilities are limitless and depend on you.
You get to work in a very dynamic environment and be part of an international team.
You will get to be involved in developing a brand new product from scratch alongside a talented team.
Crypto.com is an equal opportunity employer.
This job is closed