Forensic Technology

**Responsibilities**
- Conduct cyber forensic investigations and electronic discovery requests for legal and corporate clients.
- Perform digital forensic evidence collection throughout the incident response phases, extensive log analysis and meta-data analysis.
- Perform operating system and hard drive digital forensic evidence analysis.
- Analyze results from tools and determine indicators of compromise (IOCs), root cause of compromise, possible attack vectors, potential threat actors and the overall risk/threat the client is facing.
- Provide recommendations and advise on steps to mitigate the current attack, present risks and remediate the potentially vulnerable environment and remove the ability of ongoing/future attacks.
- Analyze results of assessment and create technical accurate and articulate reports in a business professional language, to be shared with technical stakeholder, executive stakeholders and potentially third parties.
- Implement and manage SIEM/SOAR platform.
- Support other forensic team members including fraud investigation, eDiscovery and data analytics.

**Qualifications**
- 1-4 years of experience in Information Technology with at least 1 year in security operation (4-6 years for Assistant Manager).
- Bachelor's degree or higher in Computer Forensics, Cyber Security, Computer Science, Information Systems, or Information Technology related fields.
- Proficient knowledge of overall IT infrastructure, including operating systems; information systems security; network architecture; hardware and software troubleshooting.
- Basic understanding of cyber security frameworks (MITRE ATT&CK, NIST, SANS, etc.)
- Broad knowledge of Security Operation Center (SOC), Security Information and Event Management (SIEM), threat actors and techniques used to compromise organizations.
- Good knowledge of scripting languages e.g., PowerShell, Python, SQL
- Familiarity with forensic imaging tools (EnCase, FTK, Cellebrite, Paladin, etc.) and eDiscovery tools (Intella, NUIX, Relativity, etc.) is a plus.
- Capable of working independently to solve problems under deadlines and to manage multiple projects/priorities under time constraints.
- Ability to independently undertake moderate domestic/overseas travel with short notice.
- Proficiency in spoken and written English and Thai.
- Beneficial certificates: GCFE, GCFA, GCIH, EnCE, CFSR, CISSP, Security+ and CySA+