Job Description
Governance, Risk & Compliance:
- Develop, maintain, and socialize cybersecurity control standards and guidelines.
- Assist stakeholders with the cybersecurity risk management program, including identification, assessment, treatment, and reporting of cyber risks.
- Drive implementation of cyber risk metrics and dashboards for executive and board-level reporting.
- Advise business and technology units on control design, residual risk, and exceptions.
Technology & Architecture:
- Manage and maintain the organisation's security infrastructure, ensuring optimal performance and availability.
- Evaluate and recommend new security technologies and tools to enhance security capabilities.
- Collaborate with IT teams on the implementation and integration of security solutions.
Team Leadership & Development:
- Lead, mentor, and develop a team of security analysts and engineers, fostering a collaborative and high-performing environment.
- Lead efforts to advance the company's expertise in cybersecurity, setting a vision that inspires innovation and excellence.
- Assign tasks, set priorities, and monitor team performance to ensure efficient and effective security operations.
- Conduct regular team meetings, provide constructive feedback, and support the professional growth of team members.
- Contribute to recruitment and onboarding processes for new security operations personnel.
Awareness & Engagement:
- Collaborate effectively with other IT teams, business units, and external vendors on security-related matters.
- Communicate security risks and recommendations clearly and concisely to both technical and non-technical audiences.
Security Monitoring and Analysis:
- Oversee the continuous monitoring of security systems, including SIEM, intrusion detection/prevention systems (IDS/IPS), endpoint detection and response (EDR), and other security tools.
- Analyse security alerts and events to identify potential threats, vulnerabilities, and breaches.
- Develop and refine security monitoring rules, alerts, and dashboards to improve detection capabilities.
Incident Response and Remediation:
- Lead investigations into security incidents and coordinate containment, remediation, and root cause analysis.
- Conduct post-incident analysis to identify root causes and implement preventative measures.
- Continuously improve the organization's incident response capability and playbooks.
- Communicate effectively with stakeholders during security incidents, providing timely updates and recommendations.
Threat Intelligence:
- Stay abreast of the latest security threats, trends, and attack techniques.
- Utilise threat intelligence feeds to proactively identify potential risks and inform security monitoring and incident response efforts.
Management of 3rd Party SecOps team:
- Define specific security responsibilities, performance metrics (KPIs), and service level agreements (SLAs) upfront. This ensures both parties understand the scope of work, expected outcomes, and accountability.
- Foster regular and transparent communication channels. Schedule consistent meetings, share relevant threat intelligence, and encourage collaborative problem-solving to ensure seamless integration and responsiveness.
- Establish clear processes for monitoring performance, conducting audits, and verifying compliance against agreed-upon standards and regulations.
- Regular reviews and feedback mechanisms are crucial for continuous improvement and risk mitigation.
Requirements
- Bachelor's or Master's degree in Information Security, IT, Computer Science, or related field.
- Cyber Security related qualifications such as CISA, CISSP, CISM, CRISC, GIAC will be an advantage.
- Minimum 5 to 8 years of working experience in cybersecurity operations.
- Well versed in security standards such as ISO27001 and NIST.
- Good understanding of IT Governance, Project Management and Methodologies.
- Good understanding of various regulations/laws related to cybersecurity, such as the Cybersecurity Act 2018 (and CCoP 2.0) and Singapore's Personal Data Protection Act (PDPA).
- Well versed in the MITRE ATT&CK and D3FEND frameworks.
- Technical hands-on expertise and well versed in security-related products; Firewalls, IDS/IPS, EDR, IAM, PAM, VMS, WAF, SIEM and PKI are preferred.
- Familiarity with financial services or critical infrastructure regulatory environments is an advantage.