Assistant Manager, Threat Intelligence, Information Security

City of Dreams Manila, Philippines

Melco Resorts & Entertainment

Melco Resorts & Entertainment Limited is a developer, owner and operator of casino gaming and entertainment casino resort facilities in Asia.


REQ11041 Assistant Manager, Threat Intelligence, Information Security (Open)

POSITION SUMMARY:
The Assistant Manager, Threat Intelligence, Information Security is responsible for supervising threat detection and response activities through regular review of SIEM, IPS, EDR, and other security platforms. The role draws on extensive Digital Forensics and Incident Response experience to conduct and manage the team's individual caseload across the entire incident response or investigative lifecycle from start to finish. The Assistant Manager works alongside the Global Security Incident Response Manager, with emphasis on collaboration and the sharing of ideas and methodologies.


PRIMARY RESPONSIBILITIES:
1. Provides quick fixes and long-term remediations after cyber security incidents to improve the Company’s security posture
2. Prepares and reviews incident reports to update stakeholders
3. Maintains situational awareness and keeps current with cyber security news and threat actor Tactics, Techniques and Procedures (TTPs)
4. Reviews and improves existing tactics, techniques, and procedures for cyber security processes
5. Monitors developing cyber security incidents and assigns analysts to assess and resolve them
6. Conducts incident response activities: identify threats, detect incidents, protect the Company against these threats and incidents, respond to discovered incidents and recover the Company to a known safe state
7. Counsels and advises leadership on best practices and potential courses of action for cyber security issues
8. Supports and partners with Information Security investigations and forensics teams during active incidents

QUALIFICATIONS:
I. Experience
More than four (4) years of experience in cyber security trends and technologies
II. Education
BS in Computer Science, IS, or related field or three years of equivalent experience.
III. Skills / Competencies
1. Understanding of operating systems and platforms (e.g. Windows, Linux)
2. Understanding of security technologies such as intrusion detection and prevention technologies, endpoint protection and proxies, and ability to interpret log data produced by these technologies (including Windows Events, PowerShell Events, WMI events, AD events)
3. Solid foundation in various security tools such as Antivirus (AV), Antispam (AS), Endpoint Detection & Response (EDR), Firewalls (FW), Intrusion Detection / Prevention Systems (IDS/IPS), Data Loss Prevention (DLP), Security Information & Event Management (SIEM)
4. Knowledge and expertise in cybersecurity management and cybersecurity best practices to support security operations and security strategy, and to be able to provide advice and solve problems for the organization
5. Understanding of security principles, techniques and technologies such as SANS Top 20 Critical Security Controls and OWASP Top 10
6. Knowledge of security incident and event management, log analysis, network traffic analysis, malware investigation/remediation, SIEM correlation logic and alert generation
7. Ability to conduct post-cyber-incident reviews and highlight gaps to management and the relevant IT team
8. Ability to handle major cyber incidents and coordinate with multiple teams to ensure containment and remediation are performed in a timely manner.
9. Ability to analyze and report on information from multiple data sources using data mining techniques in order to document analysis results, produce reports and present them to technical and executive stakeholders.

IV. Other Attributes
1. Analytical and detail oriented – individuals must have passion and initiative
2. Strong written and verbal communication skills, good listening, and presentation skills.
3. Independent thinker and self-starter who can still work well within a team environment
4. Team-oriented and skilled in working within a collaborative environment
5. Follow-up and attention to detail with great customer service skills.
6. Displays a high commitment to delivering results
7. Works well with others
8. Achieves agreed objectives and accepts accountability for results
9. Displays the highest level of integrity


Tags: Antivirus Computer Science DFIR EDR Firewalls Forensics IDS Incident response Intrusion detection IPS Linux Log analysis Malware OWASP PowerShell SANS Security strategy SIEM Strategy Threat detection Threat intelligence TTPs Windows

Perks/benefits: Startup environment Team events

Region: Asia/Pacific
Country: Philippines
