1. Responsibilities
· Strategic planning for IT security investments and technology adoption to maximize effectiveness of IT security controls against rapidly evolving threats.
· Develop and enhance the integrated Security Operations Centre (SOC) for advanced cyber threat monitoring and detection, early warning and active defence capabilities for both the Financial Sector and MAS as an institution.
· Work closely with internal and external stakeholders to manage the operations of the integrated SOC.
· Develop and implement cyber resilience frameworks, standard operating procedures and playbooks for cyber security operations and incident response.
· Ensure that cyber threats, risks and vulnerabilities are appropriately investigated and addressed promptly.
· Coordinate investigations of cybersecurity incidents with internal teams and cross-agency partners.
· Perform periodic management and third-party reporting.
· Work with partners to perform periodic rules tuning, streamline procedures and implement automation to improve efficiency and quality of output.
· Participate in various internal, external and international forums/projects on cyber security.
· A broad understanding of Financial Sector operations will be provided so that we can better relate the linkages between business and cyber operations.
2. What we are looking for
• Strong interest in SOC operations.
• Hands-on experience implementing services/applications on Windows and/or Linux preferred.
• Hands-on experience with prevailing SIEM tools preferred.
• Hands-on experience with prevailing cloud technologies preferred.
• Scripting/coding skills preferred.
• Normal office hours, but standby outside office hours to respond to exigencies is expected.
• Management of technical projects/implementation is expected.
• Writing of proposals and procurement-related work is expected.