Assistant Manager, Cybersecurity Incident Response

Employer Active

1 Vacancy
The job posting is outdated and position may be filled

Jobs by Experience

4-5 years

Job Location

Singapore - Singapore

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy
Job Description

Req ID : 1102223

  • The candidate will report to the Head of the Incident Response Team and will plan and oversee the performance of security response to security incidents in an IT environment. He/She will present cyber-incident reports to senior leaders.

  • The candidate will identify and define cyber threats and their root causes. He/She will propose mitigation techniques and countermeasures as well as develop cyber security solutions to prevent future attacks. The candidate will develop and implement cyber incident response strategies.

  • The candidate is required to be on standby with on-call availability with varied shifts including nights, weekends and holidays.

  • The candidate is required to be familiar with industrial cyber security standards, protocols and frameworks, and to have good knowledge of using various cyber security tools and techniques to resolve incidents.

Responsibilities:

1. Develop and implement cyber incident response strategy

  • Develop approaches to combat cyber threats and mitigate risks to information systems assets.
  • Develop contingency and disaster recovery plans tailored specifically for every security incident.
  • Establish incident response policies and standards for the organisation.
  • Develop incident response processes and policies, refreshing them where required.
  • Advise senior management on major information security-related risks and cyber incident response strategies.


2. Manage cyber security incidents

  • Communicate and escalate security activities to leadership.
  • Handle responses to cyber security incidents.
  • Lead the recovery of contained cyber security incidents, following established processes and policies.
  • Utilize appropriate cyber incident management techniques to resolve challenges.


3. Oversee cyber threat analysis

  • Collect, analyze and store cyber threat intelligence information.
  • Analyze past cyber-attacks to draw insights and implications on the organization.
  • Recommend ways to enhance the resilience and security of IT systems.
  • Propose mitigation techniques and countermeasures to ensure cyber threats are kept at a minimum.
  • Optimise cyber security data analytics models to pre-empt and detect suspicious activities.

Qualifications

  • Bachelor's degree in computer science or a related or similar field. Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Continuous Monitoring Certification (GMON), Global Industrial Cyber Security Professional (GICSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA) or other similar credentials.


Requirements

Experience in the following areas:

1. Cyber Forensics

Develop a digital forensic investigation plan, and integrate analysis of evidence, outlining key conclusions, insights and recommendations.
Experience with one or more scripting languages (PowerShell, Python, Bash, etc).


2. Cyber and Data Breach Incident Management

Develop incident management procedures and synthesise incident-related analyses to distil key insights, resolve incidents and establish mitigating and preventive solutions.
Minimum 7 years of Information Security or Incident Response related experience.


3. Cyber Risk Management

Assess and direct enhancements to cyber risk assessment techniques and develop strategies to address cyber security loopholes.


4. Security Assessment and Testing

Design security testing plan, and perform advanced, authorised penetration testing as well as intelligence analysis on cyber-attack incidents.


5. Stakeholder Management

Serve as the organisation's main contact point for stakeholder communications, clarifying responsibilities among stakeholders, and engaging them to align expectations.


6. Threat Analysis and Defense

Examine malicious threat behaviour and capabilities, and circumvent anti-analysis mechanisms, recommending techniques to block malicious code and attacks.
Experience in analyzing system and application logs to investigate security issues and/or complex operational issues. Hands-on experience with any SIEM, Elasticsearch, Logstash, and Kibana (ELK), Entity Behavior Analysis (UEBA) technologies and/or log management solution, and competence in performing log analysis, data correlation, etc.


7. Threat Intelligence and Detection

Develop strategies to monitor threats and project future technical cyber threat scenarios and present mission reports to key stakeholders.


8. Budgeting

Manage budgeting and forecasting for annual financial and business planning within the cybersecurity business unit.


9. General knowledge in mainstream operating systems (Windows, Linux, etc.), network protocols, security infrastructure, etc.

Good knowledge of one or more of the following: Windows/AD file system, registry functions and memory artefacts; Unix/Linux file systems and memory artefacts; Mac file systems and memory artefacts; TCP/IP communications and knowledge of how common protocols and applications work at the network level, including DNS, HTTP and SMB, etc.


Employment Type

Full Time
