x
Get our mobile app
Fast & easy access to Jobstore
Use App
Congratulations!
You just received a job recommendation!
check it out now
Browse Jobs
Companies
Campus Hiring
Download App
Jobs in Singapore   »   Jobs in Singapore   »   Senior Manager
 banner picture 1  banner picture 2  banner picture 3

Senior Manager

Amkor Technology Singapore Holding Pte. Ltd.

We are seeking an experienced and highly skilled candidate to join our cybersecurity team in the Global CSIRT (Computer Security Incident Response Team) and Operational Technology (OT) group. The ideal candidate is responsible to lead our global CSIRT, to focus on identifying, responding to, and remediating/mitigating cybersecurity incidents that could impact our business. He/She will also lead the team to explore and extend information security to Operation Technology (OT) area.

Essential Duties and Responsibilities

Incident Response

- Direct and regularly update a comprehensive incident response strategy that aligns with the company's overall cybersecurity framework and business objectives.

- Coordinate and manage the response to cybersecurity incidents, including detection, analysis, containment, eradication, and recovery.

- A primary point of contact for all major security incidents, working closely with IT and Manufacturing and Business Cross-Functional teams to ensure a coordinated and effective response.

- Ensure the CSIRT team is proactive and to respond instantly to all possible threats, alerts and warnings from the Security Operations Center).

- Oversee post-incident activities, including root cause analysis, lessons learned, and the implementation of improvements to prevent future incidents.

- Stay current with threat intelligence for emerging threats, vulnerabilities, exploits, and attack techniques.

- Ensure all incident response activities are conducted in compliance with applicable laws, regulations, and industry standards.

- Develop and maintain incident response policies, procedures, and playbooks, ensuring they are up-to-date and aligned with industry best practices.

- Schedule and facilitate Incident Response exercises, including tabletop exercises and red/blue team activities, to test identification, protection, detection, response, and recover functions.

Penetration Test & Red Team Exercises

- Oversee the planning, execution, and management of penetration testing and red team activities across the organization.

- Work with internal teams and external vendors to ensure regular and comprehensive testing of the comapny’s security posture, controls, systems, networks, applications and Security Operation Center.

- Analyze the results of penetration tests and red team exercises, prioritize findings based on risk, and work with relevant teams to implement remediation measures.

- Continuously enhance the PenTest and Red Team program to align with emerging threats and industry best practices.

Operational Technology (OT) Security Management

- Lead the development and implementation of security strategies specifically tailored to protect the company's OT environments, including production machines and industrial control systems (ICS), and other critical infrastructure.

- Work closely with Production Team, Human Resources, Physical Security and Facility teams across various sites to collect inventory and assess risk to develop and implement a defense in depth strategy.

- Develop OT security policies and procedures and improve OT environment security without disrupting production or operational efficiency.

- Conduct risk assessments of OT environments to identify vulnerabilities and potential threats.

- Implement mitigation strategies to reduce the risk of cyber threats to OT systems.

- Develop specialized incident response protocols for OT environments, ensuring that the CSIRT team is prepared to respond effectively to security incidents within these critical areas.

- Ensure the alignment of IT and OT security strategies, fostering collaboration between IT security teams and Production operational teams to address the unique challenges of securing operational technology.

- Keep abreast of emerging threats, vulnerabilities, and best practices in OT security, and apply this knowledge to continuously improve the security posture of the company's OT environments.

Collaboration, Communication and Continuous Improvement

- Work closely with other cybersecurity functions, including vulnerability management, risk management, governance, and compliance to ensure a holistic approach to security.

- Establish strong working relationships with external partners, including law enforcement, industry peers, and security vendors, to enhance the company’s incident response capabilities.

- Provide regular updates to senior leadership on the status of security incidents, trends, and the effectiveness of the incident response program.

- Identify opportunities for improvement in the incident response process and drive the implementation of these enhancements.

- Stay current with industry trends, emerging threats, and evolving best practices to ensure the company’s incident response program remains effective and resilient.

Team Leadership

- Build, develop, retain and lead a strong global CSIRT team and OT team, providing direction, mentorship, and support to team members across various regions.

- Ensure the CSIRT team is equipped with the necessary tools, processes, and training to effectively detect, respond to, and recover from security incidents.

- Provides coaching and formal performance management to the team

Required Qualifications

- 10-15 years of experience in IT management role, at least 7 years of experience in cybersecurity, with a leadership role within incident response, penetration testing, or security operations.

- Proven track record of managing and leading global teams, preferably in a large, complex, and geographically dispersed organization.

- In-depth knowledge of cybersecurity threats, vulnerabilities, and attack techniques, as well as incident response, penetration testing and red team methodologies.

- Strong understanding of security monitoring, incident response, and penetration testing technologies, such as SIEM, EDR, threat intelligence platforms, forensic tools, and vulnerability scanners.

- Hands-on experience with incident response processes, including threat detection, triage, analysis, and remediation.

- Familiarity with relevant regulatory requirements, security frameworks, and industry standards, such as GDPR, ISO 27001, NIST CSF, MITRE ATT&CK and others.

- Familiar with manufacturing processes and factory environment in semiconductor industry.

- Advanced degrees or certifications (e.g., CISSP, CISM, SANS GIAC) are highly desirable.

- Strong IT infrastructure and strong IT operation background is required.

- Strong analytical and problem-solving abilities, with a keen attention to detail.

- Possess strong communication skills, both verbal and written, effective in collaborating with cross-functional, cultural groups, and global leadership.

- Ability to work under pressure and handle multiple priorities in a fast-paced environment.

Sharing is Caring

Know others who would be interested in this job?