
Our Client is an established company in Singapore, who is seeking to recruit a Lead Cybersecurity Specialist (Security Operations).
Lead Cybersecurity Specialist (Cyber Defence)
You will be the primary architect of the security governance and risk management framework, with the mission to transform GRC from a compliance-heavy exercise into a strategic enabler. You will ensure that risk management is deeply integrated into the lifecycle of every digital system, from web applications to critical Operational Technology (OT) environments.
1. Incident Management & Response Standardisation
• Unified Playbooks: Establish and maintain Incident Response (IR) playbooks for diverse threat scenarios (e.g., Ransomware, Data Exfiltration, Cloud breaches).
• Crisis Leadership: Provide direct guidance and technical oversight to agencies during High and Critical severity incidents, ensuring timely reporting and effective containment.
• Incident Governance: Work with CIOs and CISOs to establish clear command structures and roles, empowering leaders to make difficult, high-stakes decisions during a crisis.
2. Operational Readiness & Resiliency Testing
• Advanced Exercises: Design and oversee high-quality Tabletop Exercises (TTX) for various stakeholders (system owners, SIROs, CISOs, CIOs). You will evaluate external vendors to ensure these exercises are realistic, comprehensive, and push the limits.
• Chaos Testing: Drive the adoption of chaos testing across agencies to validate the adequacy of resiliency plans and identify hidden failure points in critical systems.
• Capability Building: Continuously assess the operational readiness of the Family and lead initiatives to bridge identified gaps in incident management.
3. Continuous Monitoring & Asset Governance
• Centralised Monitoring: Ensure all systems are effectively onboarded to central monitoring services. Work with system owners on overcoming challenges encountered during onboarding.
• Asset Visibility: Partner with CIOs to maintain a robust and updated IT asset inventory, recognising that you cannot protect what you do not know.
• Custom Threat Scenarios: Provide expert guidance for agencies with unique threat use cases or specialised systems (e.g., OT/ICS) that fall outside standard monitoring coverage, helping them build bespoke detection capabilities.
4. Vulnerability & Attack Surface Management
• Full-Spectrum SOPs: Establish Standard Operating Procedures for vulnerability management across on-premises, cloud (GCC), and OT environments. Ensure that there are proper procedures for managing unpatched vulnerabilities.
• Attack Surface Scanning: Ensure agencies deploy adequate internal and external scanning tools. You will oversee the workflow for finding prioritisation and validate that patches are applied and effective.
5. Advocacy & Education
• Resilience Culture: Educate stakeholders on the critical importance of Response and Business Continuity Planning (BCP).
• Stakeholder Inculcation: Foster a mindset of assumed breach, ensuring project owners and leaders understand their roles in threat monitoring and incident management.
Requirements
Experience
• Years of Experience: 8 to 10 years of deep experience in Cybersecurity Operations, SOC Management, or Incident Response.
• Crisis Management: Proven track record of leading or providing technical oversight in high-pressure, high-severity security incidents.
• Domain Expertise: Experience managing security operations across complex hybrid environments (On-premise, Cloud, and OT).
Technical Skills
• Incident Response & Forensics: Mastery of IR methodologies and a strong understanding of digital forensics and malware analysis.
• Threat Intelligence & TTPs: Deep knowledge of the threat landscape and the ability to map monitoring use cases to the MITRE ATT&CK framework.
• Vulnerability & Exploitation Research: Deep understanding of the CVE (Common Vulnerabilities and Exposures) system and CVSS scoring. Knowledge of exploitation techniques and the mechanics of how vulnerabilities are weaponised by threat actors. Ability to assess the exploitability of a vulnerability within the specific context of the environment to prioritise remediation.
• Detection Technologies: Proficiency in SIEM, SOAR, XDR, and EDR technologies. Ability to evaluate the relevancy of existing monitoring tools against evolving threats.
• Cloud Operations: Strong understanding of monitoring and responding to incidents within Government Commercial Cloud (GCC) and native cloud environments.
• Certifications: Professional certifications such as GCIH (GIAC Certified Incident Handler), GCFA (GIAC Certified Forensic Analyst), CHFI, or CISSP are highly desirable.
Soft Skills
• Command & Control: Ability to remain calm and provide clear, authoritative guidance during high-stakes security crises.
• Diplomacy & Education: Skill in translating operational needs into strategic priorities for CIOs and CISOs.
• Strategic Foresight: A strong interest in emerging security technologies and the ability to proactively adapt monitoring strategies to counter new actor TTPs.
JJ Consulting Services
EA Licence No.: 12C6207
Applicants are invited to send in an MS Word resume to [Confidential Information] stating position applying for, present/expected salaries and earliest available date.
We thank all applicants in advance and regret that only shortlisted candidates will be notified.
Job ID: 146017321