KEY ROLES AND RESPONSIBILITIES:
- Monitor threat landscape and issue advisories that are applicable to the organisation on a continuous basis.
- Respond to alerts generated from solutions, threat intel and user reporting, ensuring incident investigation follows the IR plan with severity classification, the RCA is completed and a lessons-learnt review is conducted.
- Conduct threat simulation to identify early indicators of compromise and work with the Solutions team to mitigate the gaps identified in the solutions.
- Conduct threat hunting when receiving indicators from threat intel ensuring our environment is secure and free from vulnerabilities.
- Manage vulnerabilities on a continuous basis and work with the patch management team to ensure vulnerabilities are managed within acceptable thresholds.
- Manage and work with managed security service providers (MSSPs) to provide 24/7 monitoring and incident response, ensuring incidents are closed in a timely manner.
- Review security architecture design and implement solutions to ensure systems are built to meet the company's cybersecurity framework and policies.
- Ensure appropriate security technologies are in place to manage threats.
- Perform administration of security solutions in the company.
- Establish and maintain SOPs of the supported solutions and architecture designs.
- Perform project management and vendor management.
QUALIFICATIONS & EXPERIENCE:
- Minimum 6 years of relevant experience in IT security
- Technical know-how and experience in solutions such as but not limited to:
  - Network Security (F/W, IPS, VPN, NAC) - Check Point, FortiGate, Palo Alto
  - Web Security (WAF, Web isolation) - Cloudflare, Zscaler, Menlo, Microsoft
  - Endpoint Security (EDR, AV, DLP) - CrowdStrike, Symantec, Microsoft, Forcepoint
  - Threat Monitoring - QRadar, Demisto, Resilient, Claroty
  - Vulnerability Management - Tenable, Qualys, Ivanti, Microsoft
  - Cloud Security - Microsoft, Palo Alto
  - Identity Management - Microsoft, CyberArk
  - Threat Hunting and Simulation - Cymulate, CrowdStrike
- Knowledge of security standards or regulations such as NIST, ISO 27001, SOC2, CCOP (SG), PDPA (SG), GDPR (EU) and Security by Design will be an added advantage.
- Certifications such as CISSP, OSCP, CCSK will be an added advantage.
PREFERRED SKILLS & CHARACTERISTICS:
- Strong interpersonal skills with the ability to communicate and explain technical concepts to non-technical users.
- Independent worker with initiative and a positive attitude, and a team player
- Good analytical skills and attention to detail
- Good verbal and written communication skills