Cybersecurity Operation Manager / Lead

KEY ROLES AND RESPONSIBILITIES

- Ensure enhancement of Cyber Security Operations for cyber threats monitoring, detection, analysis and response through the use of threat intelligent and automation

- Project management and Vendors Management

- Drive continuous improvement of Incident Response Framework, Incident Response Plan, Event Management, Standard Operation Procedure, Playbook and etc. for cybersecurity operations and incident response

- Perform advanced trend, pattern and statistical analysis to project future technical cyber threat scenarios

- Synthesize multiple information sources and analysis reports into a holistic view of potential threats

- Conduct in-depth research into cyber security issues of industry- or nation-wide significance

- Produce findings to help initialize or support law enforcement and counterintelligence investigations or activities

- Establish incident management procedures for the detection, reporting and handling of incidents

- Develop a playbook for cyber incident management

- Perform the remediation and resolution of cyber incidents at the organizational level

- Direct post-mortem activities following critical incidents

- Work closely with internal and external parties to manage the operation of SOC

- Manage security operation to ensure implemented security technologies and controls are effective and adequate to protect our infrastructure/business

- Track and analyse cybersecurity metrics for effectiveness, benchmarking and management reporting.

QUALIFICATIONS &
EXPERIENCE

- 6-8 or more years of experience in running security operations including project management and implementation skill set.

- Technical know-how and experience in IT security solutions such as (but not limited to) and at least operated in more than one of the followings:
-

- Network Security :
F/W, IPS, VPN, UTM, NAC

- Knowledge in Checkpoint, Juniper, Cisco, Aruba and Fortigate, CyberArk, Tripwire, will be an added advantage

- Content Security :
WEB Security, Anti-Spam/Anti-Virus

- End point Security :
Anti-Virus/Malware, Host base IPS, DLP, BitLocker

- Security Information Management:
SIEM, Security management, Forensics

- Advance Persistence Threat Solution

- Experience in conducting detailed cyber security events investigation and analysis including leading and responding to cyber security incidents

- Familiar with Kill Chain methodology, MITRE Att&
Ck, NIST Cybersecurity Framework, ISO 27001, 27002 and etc.

- Relevant Cybersecurity Certifications such as CISM, CISSP, GCIH, GNFA, CCSK, CRIST will be an added advantage