Bring your career aspirations to life with AIA!

The role of the candidate is to be part of the GIS Cybersecurity team, functioning as a member of the Cyber Security Incident Response and Monitoring Team (CSIRT).
The candidate would be required to ensure that all threats/risks that could impact or have a potential impact on the AIA environment are responded to, managed and handled in a timely and complete manner.
- Lead Incident Response (IR) engagements and guide local business units through a variety of incidents (i.e., breaches, malware/virus outbreaks, security incidents, and forensics investigations).
- Support service providers performing Cyber Security monitoring, to enhance their monitoring, triage and investigation process capabilities prior to escalation.
- Leverage detection and response solutions in place, to further assess any escalated potential incidents.
- Manage and coordinate potential incident escalations for investigation, along with any required internal or external stakeholders.
- Communication and coordination of Cyber Security Incident response actions with Business Units.
- Management of Cyber Security Incidents for the Group, within SLA.
- Partnering with key service providers to support security investigations.
- Analysis of Cyber Security threat intelligence, ensuring that AIA Group prevention, detection and response capabilities setup is maximized against those new threats.
- In-depth analysis of malware or other potentially malicious processes or software identified in the organization.
- Coordination of Cyber Security testing activities and providing advice on remediation.
- Develop, document, and maintain SOPs and knowledge base for cyber security services including incident response, intelligence analysis, evidence acquisition, forensics recovery, and others.
- Continuous knowledge improvement in tools and best practices in Cyber Security threat monitoring and incident response.
- Prepare, write, and present reports and briefings.
Job Requirements:
- Degree in Computer Science or related discipline.
- 5+ years' experience working in a hands-on technical role in Cyber Security Monitoring and Incident Response (SOC & IR).
- Ability to learn and apply Containment, Mitigation, and Remediation concepts based on TTPs.
- Good experience and knowledge of cybersecurity incident response / ethical hacking / forensic analysis & SIEM solutions.
- Adequate experience in handling Phishing, DLP, Malware, Web & network attack incidents and understanding of remediation methods for specific incidents.
- Experience conducting log and activity review, along with stream or packet capture, in support of intrusion analysis.
- Ability to handle stressful situations and think on their feet, with strong decision-making.
- Excellent written and verbal communication skills and ability to escalate to management in a timely manner. Experienced in multicultural virtual team management and coordination.
- Desirable: EC-Council Computer Hacking Forensics Investigator (CHFI), Technical certifications: GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA).