KEY ROLES AND RESPONSIBILITIES
• Ensure enhancement of SOC for cyber threats monitoring, detection, analysis and response through the use of threat intelligent and automation
• Project management and Vendors Management
• Drive continuous improvement of Incident Response Framework, Incident Response Plan, Event Management, Standard Operation Procedure, Playbook and etc. for cybersecurity operations and incident response
• Perform advanced trend, pattern and statistical analysis to project future technical cyber threat scenarios
• Synthesize multiple information sources and analysis reports into a holistic view of potential threats
• Conduct in-depth research into cyber security issues of industry- or nation-wide significance
• Produce findings to help initialize or support law enforcement and counterintelligence investigations or activities
• Establish incident management procedures for the detection, reporting and handling of incidents
• Develop a playbook for cyber incident management
• Perform the remediation and resolution of cyber incidents at the organizational level
• Direct post-mortem activities following critical incidents
• Work closely with internal and external parties to manage the operation of SOC
• Manage security operation to ensure implemented security technologies and controls are effective and adequate to protect our infrastructure/business
• Track and analyse cybersecurity metrics for effectiveness, benchmarking and management reporting.
QUALIFICATIONS & EXPERIENCE
• 3-5 or more years of experience in running security operations including management of Security Operation Center (SOC).
• Technical know-how and experience in IT security solutions such as (but not limited to) and at least operated in more than one of the followings:-
• Network Security : F/W, IPS, VPN, UTM, NAC
• Knowledge in Checkpoint, Juniper, Cisco, Aruba and Fortigate, CyberArk, Tripwire, will be an added advantage
• Content Security : WEB Security, Anti-Spam/Anti-Virus
• End point Security : Anti-Virus/Malware, Host base IPS, DLP, BitLocker
• Security Information Management: SIEM, Security management, Forensics
• Advance Persistence Threat Solution
• Experience in conducting detailed cyber security events investigation and analysis including leading and responding to cyber security incidents
• Familiar with Kill Chain methodology, MITRE Att&ck, NIST Cybersecurity Framework, ISO 27001, 27002 and etc.
• Relevant Cybersecurity Certifications such as CISM, CISSP, GCIH, GNFA, CCSK, CRIST will be an added advantage
