Be wary of WhatsApp messages impersonating Jobline Resources's staff offering job opportunities. Those who encounter suspicious messages can contact Jobline at +65 6339 7198

Responsibilities

  • Oversee the entire incident response lifecycle from detection to resolution.
  • Lead investigations of IT security incidents and ensure thorough root cause analysis and remediation.
  • Develop and maintain incident response playbooks and procedures.
  • Coordinate with internal, external stakeholders, and vendors during incidents.
  • Conduct post-incident reviews and report findings to management.
  • Develop and implement advanced threat detection and monitoring strategies.
  • Utilize SIEM, EDR, and other security tools for timely incident detection.
  • Perform threat hunting and proactive security assessments.
  • Collaborate with IT teams to deploy and optimize security solutions.
  • Integrate AI and automation technologies to enhance security operations.
  • Develop automated workflows and scripts for incident response and routine tasks using SOAR.
  • Leverage machine learning and AI-driven tools for threat detection and analysis.
  • Stay updated with advancements in AI and evaluate their applicability to security operations.
  • Apply system design thinking to security solutions.
  • Analyze and compile statistics on threats relevant to the Institute.
  • Prepare and present detailed reports on threat statistics to stakeholders.
  • Use data visualization tools to communicate threat trends and insights.
  • Evaluate and integrate new technologies to enhance security operations.
  • Foster a culture of continuous improvement within the team.
  • Encourage continuous learning and professional development.
  • Enhance the team's digital forensics capabilities.
  • Develop forensic investigation procedures and protocols.
  • Train team members in forensic tools and methodologies.
  • Oversee the collection, preservation, and analysis of digital evidence.
  • Collaborate with legal and compliance teams to ensure regulatory alignment.
  • Conduct regular drills and simulations for forensic readiness.

Requirements

  • Degree in Information Systems, Computer Science, Cybersecurity, or a related field.
  • Professional Certification(s) in incident handling and security analysis preferred.
  • GCIH or its equivalent is preferred
  • Minimum of 8 years of progressive experience in IT security, with a focus on Incident response
  • Minimum of 4 years of experience in a security operations center, with proven leadership capabilities.
  • Intermediate knowledge of security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration
  • Proven experience in managing incident response and performing threat hunting
  • Proven experience in integrating AI and automation in IT Security using Security Orchestration Automated Response (SOAR) technologies.
  • Proficiency in Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), traffic and packet analysis, digital forensics, and cloud security.
  • Experience in Blue/Purple teaming, firewall, Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF) administration, virtualization, and cloud technologies.
  • Experience in monitoring and administering host-based intrusion detection systems.
  • Knowledge and experience in Linux/Windows/Database technologies preferred.
  • Strong knowledge of industry standards and information security policy frameworks.
  • Hands-on experience with scripting and automation tools to enhance security operations.
  • Ability to conduct gap analysis of current processes and identify opportunities for improvement.
  • Evaluate internal and external environments for threats related to Information Security and act as a subject matter expert to ensure these are properly addressed and controlled.
  • Continuously improve event correlation and alerting processes and use cases to detect potential incidents.
  • Automate manual processes to enhance security incident response.
  • Experience with network security assessment tools.
  • Excellent leadership and team management skills, with the ability to inspire and motivate a team.
  • Strong communication skills, with the ability to effectively interact with stakeholders at all levels, including University administration.
  • Demonstrated ability to drive strategic initiatives and lead a team through change.
  • Exceptional problem-solving skills and the ability to think critically under pressure.
  • Ability to interview stakeholders to define and document business requirements.
  • Provide advice and guidance on response action plans for information risk events and incidents based on incident type and severity.


Shortlisted candidates will be offered a 3 Years direct contract employment.