Share this Job
Apply now

Apply for Job

Assistant Manager, Cybersecurity Incident Response

Date:  23-Nov-2022
Location: 

StarHub Green

Company:  StarHub Ltd

Job Description

The candidate will report to Head of Incident Response Team and he/she will plan and oversee the performance of security response to security incidents in an IT environment. He / She will present cyber-incident reports to senior leaders. 

The candidate will identify and define cyber threats and its root causes. He / She will propose mitigation techniques and countermeasures as well as develops cyber security solutions to prevent future attacks. The candidate will develop and implement cyber incident response strategies.

The candidate is required to be on standby with on-call availability with varied shifts including nights, weekends and holidays.

The candidate is required to be familiarised with industrial cyber security standards, protocols, frameworks and have good knowledge in using various cyber security tools and techniques to resolve incidents.

Responsibilities:

1. Develop and implement cyber incident response strategy 

  • Develop approaches to combat cyber threats and mitigate risks to information systems assets.
  • Develop contingency and disaster recovery plans tailored specifically for every security incident.
  • Establish incident response policies and standards for the organisation.
  • Develop incident response processes and policies, refreshing them where required.
  • Advise senior management on major information security-related risks and cyber incident response strategies.

 

2. Manage cyber security incidents

  • Communicate and escalate security activities to leadership.
  • Handle responses to cyber security incidents.
  • Lead the recovery of contained cyber security incidents, following established processes and policies.
  • Utilize appropriate cyber incident management techniques to resolve challenges.

 

3. Oversee cyber threat analysis

  • Collect, analyze and store cyber threat intelligence information.
  • Analyze past cyber-attacks to draw insights and implications on the organization.
  • Recommend ways to enhance the resilience and security of IT systems.
  • Propose mitigation techniques and countermeasures to ensure cyber threats are kept at a minimum.
  • Optimise cyber security data analytics models to pre-empt and detect suspicious activities.

Qualifications

Bachelor’s degree in computer science or related field, or a similar field. Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Continuous Monitoring Certification (GMON), Global Industrial Cyber Security Professional (GICSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA) or other similar credentials.

Experiences in following areas:

1. Cyber Forensics    

  • Develop a digital forensic investigation plan, and integrate analysis of evidence, outlining key conclusions, insights and recommendations.
  • Experience with one or more scripting languages (PowerShell, Python, Bash, etc).

 

2. Cyber and Data Breach Incident Management    

  • Develop incident management procedures and synthesise incident-related analyses to distil key insights, resolve incidents and establish mitigating and preventive solutions.
  • Minimum 7 years of Information Security or Incident Response related experience.

 

3. Cyber Risk Management    

  • Assess and direct enhancements to cyber risk assessment techniques and develop strategies to address cyber security loopholes.

 

4. Security Assessment and Testing    

  • Design security testing plan, and perform advanced, authorised penetration testing as well as intelligence analysis on cyber-attack incidents.

 

5. Stakeholder Management    

  • Serve as the organisation's main contact point for stakeholder communications, clarifying responsibilities among stakeholders, and engaging them to align expectations.

 

6. Threat Analysis and Defense    

  • Examine malicious threat behaviour and capabilities, and circumvent anti-analysis mechanisms, recommending techniques to block malicious code and attacks.
  • Experience in analyzing system and application logs to investigate security issues and/or complex operational issues. Hands on experience of any SIEM, Elasticsearch, Logstash, and Kibana (ELK), Entity Behavior Analysis (UEBA) technologies and/or log management solution and competent performing log analysis, data correlation, etc.

 

7. Threat Intelligence and Detection    

  • Develop strategies to monitor threats and project future technical cyber threat scenarios and present mission reports to key stakeholders.

 

8. Budgeting    

  • Manage budgeting and forecasting for annual financial and business planning within the cybersecurity business unit.

 

9. General knowledge in mainstream operating systems (Windows, Linux, etc.), network protocols, security infrastructure, etc.    

  • Good knowledge of one or more of the following: Windows/AD file system, registry functions and memory artefacts, Unix/Linux file systems and memory artefacts, Mac file systems and memory artefacts, TCP/IP communications & knowledge of how common protocols and applications work at the network level, including DNS, HTTP and SMB, and etc.

 

*We regret that only shortlisted candidates will be notified.

To APPLY NOW, click on Skye!

Apply now

Apply for Job