Cyber Security - Crisis and Incident Management
This role places you at the heart of high-stakes cybersecurity crisis operations, where you'll shape strategies, steer live responses, and strengthen organizations' ability to withstand, recover, and evolve through cyber-driven crises. You will act as both strategist and operator, not only designing defenses but also leading the charge when events unfold, ensuring alignment with broader business imperatives.
Key Responsibilities
- Crisis Operations - Cyber Security Incident Response, reporting, analysis and research work
- Conduct deep-dive research into regulatory mandates, risk frameworks, and security policies, translating complex requirements into clear operational roadmaps that help clients advance their resilience and crisis-readiness objectives.
- Build and implement tailored frameworks, methodologies, and crisis playbooks that help organizations boost operational effectiveness, harden defenses, streamline decision-making, and mature their digital crisis capabilities.
- Serve as a front-line influencer in clients' cyber crisis transformation journeys, embedding security-driven thinking directly into business operations and long-term planning.
- Actively track, interpret, and apply cutting-edge threat intelligence, attacker behaviors, and emerging cyber risks, embedding these insights into proactive strategies, response playbooks, and operational plans.
- Lead the development and operationalization of bespoke crisis response plans, ensuring they reflect the unique business realities, risk appetites, and critical asset profiles of each client.
- Drive, coordinate, and facilitate large-scale simulations, live-fire exercises, and scenario-based drills, helping client teams sharpen their ability to detect, contain, and recover from cyber crises.
- Rapidly assess the scale, impact, and severity of cyber incidents, providing real-time operational guidance on containment, mitigation, recovery actions, and business continuity.
- Act as a strategic advisor and operational lead during live cyber crises, guiding decisions on resource prioritization, internal and external communications, and multi-stakeholder engagement to reduce fallout and protect reputation.
- Conduct post-crisis reviews, lessons-learned sessions, and after-action analyses with senior stakeholders, delivering actionable insights to strengthen future resilience and operational readiness.
Essential Background & Expertise
- Bachelor's degree or higher in Computer Science, Information Security, Information Technology, or a closely related discipline.
- Minimum of 8 years of hands-on experience in cybersecurity, with demonstrated success in both technical response and high-level operational strategy.
- Proven, battle-tested experience managing real-world cybersecurity incidents, crises, or breaches, including working under time pressure, coordinating multi-stakeholder responses, and navigating sensitive decision points.
- Strong preference for candidates holding advanced certifications such as CISSP, CISM, CISA, GICSP, or cloud-related security credentials.
Preferred Skills & Attributes
- Familiarity with crisis management frameworks, business continuity planning, and the design/delivery of cyber crisis simulation exercises.
- Working knowledge of the MITRE ATT&CK framework and its applications in security operations, threat modeling, and adversarial simulations.
- Fierce passion for cybersecurity resilience, with a continuous drive to stay ahead of evolving threats and expand professional expertise.
- Agile, creative thinker with the ability to innovate under pressure, solve complex problems, and push beyond conventional playbooks.
- Deep understanding of cybersecurity fundamentals, including detection, incident response, recovery protocols, and resilience frameworks.
- Familiarity with international standards like the NIST Cybersecurity Framework or comparable resilience benchmarks.
- Ability to distill complex research and threat analysis into clear, actionable operational strategies and well-crafted documentation.
- Strong knowledge of local (Singapore) cybersecurity regulations, risk management protocols, and compliance expectations.
Email: [Confidential Information]
Reg. No. R1878306
EA License no.: 16S8066