Digital Forensics & Incident Response Specialist (DFIR)

ST Engineering is a global technology, defence and engineering group with offices across Asia, Europe, the Middle East and the U.S., serving customers in more than 100 countries. The Group uses technology and innovation to solve real-world problems and improve lives. Our dedication to excellence and our strong track record have earned us a distinctive reputation for quality and trust spanning across the aerospace, smart city, defence and public security segments. Headquartered in Singapore, ST Engineering ranks among the largest companies listed on the Singapore Exchange.

Join our Cyber Team

We are an industry leader in cybersecurity with over two decades of experience, we deliver a holistic suite of trusted cybersecurity solutions to empower cyber resilience for government and ministries, critical infrastructures, and commercial enterprises. Backed by our indigenous capabilities and deep domain expertise, we offer robust cyber-secure products and services in cryptography, cybersecurity engineering, digital authentication, SCADA protection, audit and compliance. We specialise in the design and build of security operations centres for cybersecurity professionals and provide managed security services to strengthen the cybersecurity posture of our government and enterprise customers.

We are seeking a highly skilled and experienced Digital Forensics & Incident Response Specialist to join our cybersecurity team. This role requires hands-on technical expertise in analyzing security incidents, conducting proactive threat hunts, and investigating breaches.

About The Role

Digital Forensics & Incident Response (DFIR)

• Conduct comprehensive digital forensic investigations of security incidents, including malware infections, data breaches, insider threats, and advanced persistent threats (APTs).
• Analyze and interpret security incidents and vulnerabilities using forensic tools and methodologies.
• Collect, preserve, and analyze digital evidence from various systems and environments.
• Develop and execute incident response plans, provide guidance on containment, eradication, and recovery processes.
• Document findings and produce detailed investigation reports for internal stakeholders and external authorities, if necessary.
• Collaborate with the legal and compliance teams to ensure evidence handling follows industry standards and regulations. Threat Hunting
• Participate and assist in the buildup of the threat hunting capability.
• Participate/Support the development of threat hunting systems and tools to automate or facilitate threat hunting.
• Lead/participate in the threat hunting projects to hunt for unknown threats focusing on discovering new or unknown Tactics, Techniques and Procedures (TTPs).
• Develop and use threat hunting methodologies and tools to identify vulnerabilities, anomalies, and suspicious activities.
• Identify and research emerging threats, vulnerabilities, and attack techniques to stay ahead of attackers.
• Utilize threat intelligence feeds, behavior analytics, and machine learning to improve detection and hunting capabilities.
  
  

Requirements

• Minimum of 4 years of experience in cybersecurity, with a focus on Digital Forensics, Incident Response, and Threat Hunting.
• Relevant industry certifications such as GIAC Certified Forensic Analyst (GCFA), Certified Forensic Examiner (GCFE), Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP), or equivalent certifications is a plus.
• Strong knowledge of forensic tools (e.g., EnCase, FTK, X-Ways, Axiom) and threat hunting methodology.
• Hands-on experience with SIEM (Security Information and Event Management), EDR (Endpoint Detection and Response), and other security tools.
• Good understanding of network protocols, operating systems (Windows, Linux, macOS), and cloud platforms (AWS, Azure, GCP).
• Proficiency in scripting languages (e.g., Python, PowerShell) to automate incident response and threat hunting tasks.
• Strong analytical, problem-solving, and communication skills.
• Ability to work under pressure and manage multiple high-priority tasks in a dynamic environment.
• Knowledge of cybersecurity frameworks and standards such as NIST, ISO 27001, and MITRE ATT&CK.
• Work Location: Jurong East
  
  

Find out more: https://www.stengg.com/cybersecurity

ST Engineering believes in fostering a culture where team members are encouraged to overcome challenges, explore new ideas, and work together to succeed. We value individuals who are determined to push beyond the boundaries, and have a thirst for knowledge, continuous learning, and self-improvement.