Cyber Defence Center Operations Manager
StarHub Green
Job Description
JOB PURPOSE
The Cyber Defence Center (CDC) Operations Manager is responsible for overseeing and managing the security operations function within an organization. Their primary responsibility is to ensure the confidentiality, integrity, and availability of the organization's information systems and data. Overall, the CDC Operations Manager plays a critical role in protecting the organization's information assets, maintaining operational resilience, and minimizing the impact of security incidents. The CDC Operations Manager needs to stay current with emerging threats, technologies, and industry best practices to effectively address the ever-evolving landscape of cybersecurity.
KEY RESPONSIBILITIES
- Security Operations Management: Responsible for the overall management of security operations. This includes planning, organizing, and coordinating security activities to protect the organization's assets, networks, and systems from potential threats and vulnerabilities. Also bridges the gap between the CDC team and senior management, reporting on security operations and security posture.
- Team Management: Lead and manage the CDC multinational team, including hiring and training security professionals, setting performance objectives, and providing guidance and support. They foster a collaborative and inclusive work environment, promote professional development, and ensure effective communication within the team and with other departments.
- Incident Response: Lead the incident response efforts, ensuring that security incidents are detected, analyzed, and responded to promptly and effectively. This involves developing and implementing incident response plans, coordinating with relevant stakeholders, and ensuring the appropriate measures are taken to mitigate the impact of security incidents.
- Threat Monitoring and Detection: Oversees the monitoring and detection of security threats and vulnerabilities. This includes managing security monitoring tools, analyzing security logs and alerts, conducting threat intelligence analysis, and staying updated with the latest security threats and trends.
- Security Incident Investigations: Responsible for overseeing the investigation of security incidents, conducting root cause analysis, and identifying necessary remediation actions. This involves coordinating with internal teams, such as IT, legal, and HR, as well as external stakeholders, such as law enforcement and regulatory agencies, when necessary.
- Security Architecture and Tools: Collaborate with other teams, such as IT and infrastructure, to develop and implement effective security architectures, policies, and procedures. This includes evaluating and selecting security tools and technologies, ensuring their proper configuration and deployment, and conducting regular assessments to identify areas for improvement.
- Security Awareness and Training: Responsible for promoting a culture of security awareness and education within the organization. This involves developing and delivering security training programs, conducting awareness campaigns, and providing guidance to employees on security best practices.
- Compliance and Regulatory Requirements: Ensure that the organization complies with relevant security regulations, industry standards, and internal policies. This includes staying updated with legal and regulatory changes, conducting internal audits and assessments, and addressing any identified gaps or non-compliance issues.
- Manage vendor and supplier relationships.
PERSON SPECIFICATION
Requirements:
- Degree in Computer Science or Cyber Security or equivalent with 8+ years of experience
- Experience in managing and building a Security Operations Centre, Managed Security Services (MSS) and cybersecurity operations, with in-depth knowledge of the cybersecurity landscape (best practice, latest trends, market preference) and a strong connection to the cybersecurity community.
- Strong understanding of network devices such as Security Information and Event Management (SIEM), Security Orchestration (SOAR), Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS), firewalls, DDoS, and network packet capture tools, and a proven track record in designing and operationalizing a highly automated, AI-powered, next-generation CDC.
- Working knowledge of MITRE ATT&CK, CIS Critical Security Controls and the NIST Cybersecurity Framework.
- Security certifications (CISSP, CISM, CISA, GIAC or equivalent certification) preferred.
- Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgment and the ability to deliver high performance and high levels of customer satisfaction.
- Experience in networking (TCP/IP, switching, routing, protocols, etc.), system administration (Windows, Linux, Active Directory, hardening, etc.), programming (programming concepts, object-orientation basics), cloud and mobile applications, and awareness of technologies such as cloud, mobile, fixed and entertainment networks.
Interpersonal:
- Must be independent, resourceful and proactive, with strong problem-solving skills, critical thinking, excellent analytical ability, strong judgment and the ability to deliver high performance and high levels of customer satisfaction.
- Have good communication and interpersonal skills.
- Willing to travel between Singapore and Malaysia occasionally.
- Results-oriented with strong customer focus. Positive mindset when facing challenges.
- Demonstrate adaptability with desire to learn new technologies and systems.