As ASMPT continues its Digital Transformation Journey, we are looking for a highly motivated, experienced and hands-on technical lead to build and lead the ASMPT Security Operations Center (SOC).
As ASMPT's SOC Lead, you will primarily be responsible for protecting ASMPT's digital environment through timely cybersecurity incident monitoring, response and escalation to prevent losses from cyber attacks. You will also be responsible for building the SOC and ensuring it is well run and adequately equipped to manage ever-changing cybersecurity threats.
Roles and Responsibilities:
- Lead, coordinate and execute the plan to build and run the Security Operations Center.
- Oversee daily IT Security operations and the SOC (vulnerability management, investigation, reporting, security monitoring and incident response) while actively monitoring emerging threats and security technologies.
- Identify critical security operations metrics and implement necessary improvements to create solid security practices.
- Provide management oversight for the identification, triage and response of events or incidents of apparent security breaches.
- Design and implement IT Security Operations Center framework and ensure that the policies, controls, and procedures are effective and operationally sound.
- Work closely with internal stakeholders to identify and implement necessary changes that bring about improvements and efficiencies, ensuring that solid security practices within the organization are upheld.
- Train and educate Security staff, other Technology Departments, and external business partners on SOC management and procedures.
- Monitor changes of regulations and accreditation standards affecting information security and provide recommendations for policy changes.
- Provide supervision and ownership for intrusion detection and response.
- Monitor, maintain and fine-tune SOC tools. This may involve working with IT infrastructure colleagues and other stakeholders to tune existing network and security infrastructure: Endpoint Security, Next Generation Firewall (NGFW), Encryption, email and network proxy gateways, Microsoft 365, DLP, etc.
- Conduct research and perform PoCs to evaluate new and emerging technologies, and maintain an up-to-date understanding of the latest threats, vulnerabilities, mitigations, industry best practices and regulations.
- Report on SOC KPIs, vulnerabilities, non-compliance and other security exposures, including misuse of information assets.
- Other duties as assigned.
Prerequisites:
- A proven track record as a SOC lead who has implemented and run a SOC and collaborated with teams internationally.
- Hands-on experience with security technologies such as NGFW, Endpoint Security, DLP, Proxy, Secure Email Gateway, Active Directory, Identity and Access Management (IAM), Microsoft 365, etc.
- Minimum of a Bachelor's degree in Computer Science, Information Technology or equivalent.
- At least 5 years of experience in IT Security.
- General knowledge of industry best practices on security hardening, OWASP, network security, security risk & management frameworks, national cybersecurity standards, ISO27001, etc.
- Basic technical knowledge of IT network infrastructure, server platforms and applications.
- Experience in using security tools such as Vulnerability Assessment tools, SIEM, IPS, Log Management and Penetration Testing software.
- Industry certifications such as CISSP, GCIH or CISM preferred.
- Effective oral and written communication skills.
- Team player
- Strong skills in managing vendor relationships
- Data-driven, with a continuous-improvement mindset.