Job Description
More than just a recruitment company. At PRTR, we have been a part of our customers' success for 30 years as their total HR solutions partner. With 550 dedicated professionals and over 15,000 outsourced staff, we will continue to carry out our mission to develop a better career, a better life, and a better society, and strive to become the No.1 people solutions organization in Southeast Asia.
As a Level 3 Cybersecurity Incident Responder Specialist, you will serve as a subject matter expert (SME) in detecting, analyzing, and mitigating sophisticated cybersecurity threats. Working within a consulting environment, you will support multiple clients in their efforts to build robust incident response capabilities, respond to active threats, and improve their security posture. You will also provide leadership and guidance to junior analysts, ensuring a structured approach to incident response processes.
Responsibilities
- Acting as the escalation point for critical cybersecurity incidents requiring in-depth analysis and response.
- Leading end-to-end incident response activities, including containment, eradication, and recovery.
- Performing advanced digital forensics investigations, including memory, disk, network, and malware analysis.
- Proactively hunting for threats and indicators of compromise (IOCs) across client environments, leveraging threat intelligence to identify adversary tactics, techniques, and procedures (TTPs).
- Collaborating with SOC teams to optimize detection and response strategies.
- Providing expert advice to clients on improving incident response and security monitoring capabilities, including the development of incident response plans and playbooks.
- Conducting tabletop exercises, incident response workshops, and threat simulations.
- Recommending and implementing security tools and technologies to enhance detection and response.
- Developing scripts and automation workflows to streamline repetitive tasks.
- Mentoring and training junior analysts on advanced incident response techniques.
- Partnering with client stakeholders, IT, and security teams to align on response actions.
- Participating in after-action reviews and lessons-learned sessions to improve processes.
Qualifications
- At least 5 years of experience in incident response, threat hunting, or digital forensics, with an emphasis on Level 2 (L2) work.
- Hands-on experience with SIEM tools, EDR solutions, and threat intelligence platforms.
- Proven expertise in handling large-scale or advanced cyber incidents such as ransomware and advanced persistent threats (APTs).
- Strong knowledge of operating systems (Windows, Linux, macOS) and network protocols.
- Excellent communication and client-facing skills, with the ability to operate effectively in high-pressure situations.
- Experience working in a consulting or client-facing role is a plus.
- Familiarity with compliance frameworks (e.g., ISO 27001, NIST, GDPR) and cloud incident response (AWS, Azure, GCP) is desirable.