Senior Manager, Threat Intelligence
Malaysia - KL Eco City
FWD Insurance
We’re FWD. A different kind of insurer with a vision to change the way people feel about insurance.
About FWD Group
FWD Group is a pan-Asian life and health insurance business with more than 12 million customers across 10 markets, including some of the fastest-growing insurance markets in the world. The company was established in 2013 and is focused on changing the way people feel about insurance. FWD’s customer-led and digitally enabled approach aims to deliver innovative propositions, easy-to-understand products and a simpler insurance experience.
For more information, please visit www.fwd.com
FWD Technology and Innovation Malaysia Sdn. Bhd., known as FWD TIM, was established in late 2019. Strategically located in Kuala Lumpur, FWD TIM serves as a pivotal shared service location within FWD Group, providing services to multiple markets across the Group. FWD TIM houses a diverse and talented workforce focused on essential business and technology services such as information security, cloud operations, IT solutions delivery, digital and data, actuarial, finance, investments, and customer service, among many others. FWD TIM is dedicated to driving and delivering operational excellence and efficiency, fostering innovation and ensuring regulatory compliance across all business functions, as well as maintaining a competitive edge in the market.
PURPOSE
- Senior Manager in FWD Group Information Security (GIS) Monitoring & Incident Response function – serving FWD Group and all Business Units under the Group
- Senior Subject Matter Expert on Threat Intelligence for GIS
- Lead a team of contractors, vendor professional services and automated roles to deliver to FWD the output of a full Threat Intelligence team both on-site and remote
- Lead, drive and support initiatives and projects to enhance or build new capabilities in FWD GIS for GIS Threat Intelligence pillar
- Define, test, build and continuously enhance GIS Threat Intel platforms, sources and services
- Define Standards and Standard Operating Procedures for Threat Intel
- Define and implement enhancement of detection and protection capabilities across FWD Information Security Solutions
- Support Monitoring and Incident Response in automation of contextualization of cyber threat alerts by leveraging threat intelligence platforms
- Deliver Threat Intelligence that can be applied to the defense of the entire Group at Strategic, Operational and Tactical levels
- Support Threat and Vulnerability Management (TVM) and Application Security (AppSec) work on attack surface and attack simulation platforms
- Identify and coordinate with GIS Security Engineering teams on threats that require configuration uplifts in FWD Protect and Detect solutions
- Identify and coordinate with GIS Incident Response on Threat Hunting
- Apply GenAI technologies to Threat Intelligence processing and delivery to drive next-generation Cyber Fusion
- Provide Threat Intel expertise to Group and Business Units when required
- Build knowledge capital through research and development and leveraging industry insights to deliver best of breed expertise to stakeholders.
KEY ACCOUNTABILITIES
- Support the head of GIS Security Monitoring & Incident Response in the overall framework, standards and operations of Threat Intelligence pillar
- Build and maintain a full Threat Intelligence team made up of staff, contractors, vendor professional services, vendor virtual teams and automated equivalents thereof
- Deliver fully realized and value-added Threat Intel services to FWD
- Drive new projects and continuously improve existing projects and platforms of Threat Intel pillar including selection of solutions, architecture, implementation and delivery
- Work closely with head of GIS Monitoring & Incident Response to report and update management on Threat Intel pillar’s status and risks
- Apply GenAI technologies to the processing and delivery of Threat Intelligence
- Monitor and advise on emerging risks and opportunities for GenAI for GIS and for FWD
KEY PERFORMANCE INDICATORS
- On-time and on-budget delivery of key Threat Intel Program uplifts and implementations
- On-time delivery of Threat Intel deliverables to FWD Group and Business Units
- Compliance with audits of auditable Threat Intel deliverables
- Cost-effectiveness of Threat Intel implementation and processes
- Actionable outputs and processes to validate follow up actions
- Effectiveness of Threat Intel team pillar and assigned staff, contractors, vendor professional services and automated roles
- Doing things right, creating synergies for the overall FWD goals and objectives, along with a people first approach
EXTERNAL & INTERNAL CONTACTS
- Group CISO
- Group Head of IT Security Monitoring and Incident Response
- Group Information Security Monitoring and Incident Response
- Other Group Information Security teams/pillars
- FWD Group and BU BISOs
- FWD Group IT and IT Shared Services
- Business Units IT and IT Security Teams
- IT Vendors and/or Service Providers
- Group and BU CTOs
- Group and BU Internal/External Auditors
DECISION MAKING
- Group Information Security Threat Intelligence pillar and GIS as a whole
- Business units’ information security risks and advisories
- Infrastructure level security advisories
- Recommended Threat Intel vendors and services
QUALIFICATIONS / EXPERIENCE
- Minimum of 5 years working experience in a hands-on technical role in Information Security functions relating to Threat Intel
- 2 years working experience leading or managing a technical team
- Experienced in multi-cultural onsite and virtual team management and vendor management
- Regional experience in this role is preferred
- Degree in a relevant Information Technology or equivalent discipline
KNOWLEDGE & TECHNICAL SKILLS
- Demonstrated expertise in Threat Intelligence and Cybersecurity at a Senior Subject Matter Expert level
- Excellent knowledge of Advanced Persistent Threats, attack tools, techniques, and methods used by threat actors
- Broad knowledge of information security controls
- Broad knowledge of information security threat landscape
- Broad knowledge of information technology architecture and securing said infrastructure
- Ability to define, prioritize and execute processes in a structured manner
- Ability to delegate work to subordinate teams and contractors/vendors
- Good communication and presentation skills, including the ability to communicate information to both technical and non-technical audiences
- Desirable: GIAC Cyber Threat Intelligence (GCTI) certification, CREST Certified Threat Intelligence Manager, EC-Council Computer Hacking Forensic Investigator (CHFI), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA)
COMPETENCIES
- Good relationship builder, able to convey messages to various levels
- Able to summarize and elaborate on Threat Intelligence for both technical and non-technical audiences
- Understand IT and Information security broadly and deeply as the scope covers all aspects
- Project management and vendor management
- People leadership
Tags: Application security Audits Automation BISO CHFI CISO Cloud Compliance CREST Finance Forensics GCFA GCIH GCTI Generative AI GIAC GREM Incident response Malware Monitoring Reverse engineering Threat intelligence Vendor management Vulnerability management
Perks/benefits: Career development