Get to know our Team:
Grab’s Incident Response team is responsible for detecting and mitigating attempts to abuse Grab’s networks, data, resources, and employees. We focus on both internal and external threats and have a diverse array of talented individuals on the team. If you want to help build the response team of one of SE Asia’s highest profile companies, this is the place for you.
Get to know the Role:
As a Technical Investigator at Grab, you’ll be responsible for ensuring that Grab’s digital assets are monitored, protected, and that suspected abuse of them is fully investigated. You will be called upon to determine the truth of the matter in diverse situations, cultures, languages, and technologies. Your core responsibility will be to work with your peers and Grab’s diverse data to provide clarity amidst confusion and hard facts amid suspicion. Your technical skills will be front and center, as will your ability to communicate your results clearly and compellingly. You’ll be surrounded by smart, driven people who all care about Grab’s mission and information security.
The day-to-day activities:
- Investigate: Use your technical skills to identify high level outliers and zoom in all the way to specific events that corroborate or cast doubt on a particular set of findings. When you find a pattern of behavior, expand your search throughout the organization to find other examples of it.
- Respond: When an incident occurs, you will be on the front lines of response for the entire company, working side by side with our security analysts, engineers and forensic analysts.
- Advise: Help us pick the best solutions to nascent problems - vendors, processes, training, etc. You will use your expertise to shape the future of the team
The must haves
- Proven technical expertise - Data analysis/data science skills are a requirement for this role as you’ll be trawling through data day in and day out in this role. Strong SQL experience, Python, R, ELK, Splunk and other languages and tools are assets. Bonus points for testifying to your findings or supporting them in an adversarial environment.
- Various certificates like GCFE, GCFA, CFCE, CFE, etc are nice-to-haves but not required Strong, proven track record of delivering results in fast-paced, resource scarce environments. Assume your favorite tool is not available but that you have the chance to learn a new one
- Ability to handle stress effectively and maintain strong output during an incident
- Curiosity and a relentless drive to understand how networks work and how they can be abused
- Initiative and drive - we are building this team from the ground up which means we often have to improvise and make important decisions with imperfect information. You should seek these opportunities out rather than shy away from them
