Crypto.com is hiring a Web3 Cyber Security Incident Responder (SG)
Compensation: $85k - $100k estimated
Location: CBD Singapore
Crypto.com was founded in 2016 on a simple belief: it's a basic human right for everyone to control their money, data and identity. With 10+ million users on its platform today, Crypto.com provides a powerful alternative to traditional financial services, turning its vision of "cryptocurrency in every wallet" into reality, one customer at a time. Crypto.com is built on a solid foundation of security, privacy and compliance and is the first cryptocurrency company in the world to have CCSS Level 3, ISO27001:2013 and PCI:DSS 3.2.1, Level 1 compliance. For more information, please visit www.crypto.com.
As a Cyber Security Incident Responder at Crypto.com, you will be part of the Cyber Security Incident Response Team (CSIRT) in the Cyber Fusion Center (CFC), facilitating the cyber security incident response process throughout the incident response cycle - from Preparation to Identification, Containment, Eradication, Recovery and Lessons Learnt - along with other incident responders around the globe.
You will apply all of your skills in cyber defense, digital forensics, log analysis, intrusion analysis and related areas to respond to security incidents on our endpoints, network, and cloud infrastructure. In this role, you will carry out prevention, detection, response and remediation activities to ensure information assets and technologies are adequately protected, using technologies like NGFW, EDR, IDS/IPS, DLP and more.
You will also apply your collaboration and communication skills to work effectively with members of the CFC globally.
Responsibilities
- Report directly to the CSIRT Lead to facilitate all phases in the incident response lifecycle.
- Preparation
  - Understand different regulatory and compliance requirements like critical time to report, escalation flows, etc.
  - Take part in self-assessment exercises like Tabletop Exercises, Attack Simulations, Red/Purple Team exercises to make sure the incident response process is working smoothly
  - Develop incident response runbooks, playbooks and SOPs with reference to different regulatory requirements
  - Evaluate the incident response readiness of different layers - from tools and platform to process
- Detection & Analysis
  - Respond to the cyber security incidents escalated by the 7/24 monitoring team.
  - Respond to cyber security incidents in compliance with the local authority / regulatory requirements.
  - Assess the risk, impact and scope of the identified security threats
  - Perform deep-dive incident analysis of various data sources by analyzing and investigating security-related logs against medium-term threats and IOCs
- Containment, Eradication and Recovery
  - Communicate with the stakeholders and provide guidance and recommendations to contain and eradicate the security incident
  - Participate in root cause analysis using forensic and other custom tools to identify any sources of compromise and/or malicious activities taking place.
  - Document and present investigative findings for high-profile events and other incidents of interest.
- Post-incident activities
  - Hold lessons-learnt meetings with the stakeholders
  - Lead and keep track of the follow-up activities
  - Document the incident in the case management system and provide incident reports
- On-call duty will be required in case of security incidents.
- 4+ years of experience in the Cyber Security industry
- 2+ years of security operations and incident response experience
- Excellent understanding of the cyber security incident response process
- Hands-on experience performing incident response activities
- Have scripting experience (e.g. Bash, PowerShell, Python, Go) and the ability to use these skills to aid in responding to incidents involving Windows, Linux, macOS, as well as cloud environments
- Have experience writing procedural documentation (playbooks and runbooks)
- Have experience with cybersecurity tools and software like NGFW, EDR, IDS/IPS, DLP, etc.
- Be familiar with the MITRE ATT&CK Framework and/or Cyber Kill Chain
- Be passionate about exploring new technologies and have the creative initiative to boost the team's capabilities
- Holding security-related certifications is a plus (e.g. CISSP, GCIH, GCIA, GCFA, GNFA, GREM, or other equivalent)
- Knowledge of regulatory and compliance requirements like GDPR, MAS, PSD2, etc. is a plus.
- We offer an attractive compensation package in a cutting-edge field combining cryptocurrency and financial services.
- Huge responsibilities from Day 1. Be the owner of your own learning curve. The possibilities are limitless and depend on you.
- You get to work in a very dynamic environment and be part of an international team.
- Flexible working.
Apply Now:
This job is closed