
Position: Senior Cyber Security SOC and Incident Manager
Mode: Renewable contract
Experience: 8+ years
Manage a team to oversee the administration of security operations and incident response.
Key Responsibilities
Responsible for managing day-to-day security operations during business hours, leveraging the GSOC team for 24/7 internal monitoring and the MSSP team for 24/7 perimeter monitoring.
Act as a team leader, providing guidance to the Incident Handlers and Security Analysts, setting goals and assisting the team in accomplishing those goals.
Manage all aspects of cyber incident response: initiation, identification, containment, escalation, reporting, communication, recovery, forensics and post-mortem.
Act as point of contact for all cyber security incident escalations from the Group SOC and internal teams, and as incident manager resolve each escalation/incident by coordinating with the relevant stakeholders within the agreed SLA.
Prepare monthly reports on SOC/incident monitoring and present them to stakeholders and senior management.
Actively research and stay informed of current events in the security industry, including the latest exploits and threats as well as preventative measures, remediation and restoration techniques, and work with the team to perform proactive threat hunting in bank environments.
Develop a procedural set of responses to cyber security problems. Maintain and create new playbooks for the incident response team to use as new threats emerge.
Closely monitor security tools (i.e. IPS, SIEM, VA scan, DLP, AV, ATP, XDR) for threat alerts and attend to them in a timely manner. Manage the renewal, maintenance and enhancement of the security tools.
Manage MSSP monitoring, outsourcing arrangements and renewals.
Identify security flaws and vulnerabilities and communicate them effectively within the organization.
Collate and provide evidence/submissions requested by various parties (risk management/auditor/regulator) to confirm that security policies, processes, guidelines and controls are followed/implemented accordingly.
Requirements:
A Bachelor's Degree in Computer Science, Engineering, Information Systems or its equivalent.
Minimum 8-15 years of related working experience. Knowledge of IT security is essential. Industry certifications will be a plus e.g. CRISC, CISSP, CEH, CISM and CISA.
Highly results-oriented and able to work independently. Must be a self-reliant team player who is comfortable managing multiple tasks and responsibilities.
Ability to build relationships and interact effectively with internal and external parties. Strong engagement skills with stakeholders, i.e. business and technology, will be a plus.
Good analytical, technical, written and verbal communication skills.
Ability to exercise discretion and independent judgment in applying established techniques, procedures or standards.
Technical expertise in one or more of the following:
o Network Concepts and Security, Encryption/Authentication fundamentals, Access Management, Application Security, Platform (Windows, UNIX/Linux) Security, Database Security
o Hands-on experience in various security tools (e.g. SIEM, IPS, Firewall, Vulnerability scanner tools, APT, XDR, NDR and forensic tools)
Familiar with security standards and best practices; regulatory requirements such as BNM RMIT, MAS, Paynet, PCI-DSS; architecture and security of operating systems.
Job ID: 134846157