- Ensure enhancement of the SOC for cyber threat monitoring, detection, analysis and response through the use of threat intelligence and automation
- Project management and vendor management
- Drive continuous improvement of the Incident Response Framework, Incident Response Plan, Event Management, Standard Operating Procedures, Playbooks, etc. for cybersecurity operations and incident response
- Perform advanced trend, pattern and statistical analysis to project future technical cyber threat scenarios
- Synthesize multiple information sources and analysis reports into a holistic view of potential threats
- Conduct in-depth research into cyber security issues of industry- or nation-wide significance
- Produce findings to help initialize or support law enforcement and counterintelligence investigations or activities
- Establish incident management procedures for the detection, reporting and handling of incidents
- Develop a playbook for cyber incident management
- Perform the remediation and resolution of cyber incidents at the organizational level
- Direct post-mortem activities following critical incidents
- Work closely with internal and external parties to manage the operation of SOC
- Manage security operations to ensure implemented security technologies and controls are effective and adequate to protect our infrastructure/business
- Track and analyse cybersecurity metrics for effectiveness, benchmarking and management reporting.
QUALIFICATIONS & EXPERIENCE
- 3-5 or more years of experience in running security operations including management of Security Operation Center (SOC).
- Technical know-how and experience in IT security solutions such as (but not limited to) the following, with hands-on operational experience in more than one of them:
  - Network Security: firewalls, IPS, VPN, UTM, NAC
  - Knowledge of Check Point, Juniper, Cisco, Aruba and FortiGate, CyberArk and Tripwire will be an added advantage
  - Content Security: web security, anti-spam/anti-virus
  - Endpoint Security: anti-virus/anti-malware, host-based IPS, DLP, BitLocker
  - Security Information Management: SIEM, security management, forensics
  - Advanced Persistent Threat (APT) solutions
- Experience in conducting detailed cyber security events investigation and analysis including leading and responding to cyber security incidents
- Familiar with the Kill Chain methodology, MITRE ATT&CK, the NIST Cybersecurity Framework, ISO 27001, ISO 27002, etc.
- Relevant cybersecurity certifications such as CISM, CISSP, GCIH, GNFA, CCSK and CRISC will be an added advantage
PREFERRED SKILLS & CHARACTERISTICS
- Strong interpersonal skills with the ability to communicate and explain technical concepts to non-technical users
- Independent worker with initiative, a positive attitude and a team-player mindset
- Good analytical skills and attention to detail
- Good verbal and written communication skills
This role will be based in the Hill Street Office
We regret to inform you that only shortlisted candidates will be notified.