JOB DETAILS

JOB DETAILJob Details

• Defining and leading the IT security strategy for the organization with IT strategy and policies. This includes related threat intelligence and investigation of identified potential indicators of compromise (IOCs)

• Leading initiatives to assess the adequacy and effectiveness of IT controls and policies, ensuring that business users are compliant to the IS standards (ISO 27001, PDPA and etc).

• Responsible for information security incident investigations, and propose corrective and preventive measures.

• Work with Security Operation Centre members on the incidents reported to verify the security events status, guarantee the proper functioning of security operations.

• Overseeing and leading computer networks monitoring for security issues and monthly security event monitoring including logging, reporting

• Consult with IR for capability and countermeasure enhancements

• Provides advisory in security tool lifecycles and roadmaps

• Oversee and ensure compliance to security standards and recommend security implementations

• Develop cases to relevant stakeholders addressing from security perspectives and interests, e.g., identify internal and external security benchmarks to compare internal security area’s performance with industry best practices.

• keep abreast of the emerging trend on security technologies.

REQUIRED WORK EXPERIENCERequired

✓ Bachelor Degree in Information Systems or related field

✓ At least 5-10 years of relevant experience in IS security, Cyber Security, IT security tools or SIEM tools, posses necessary skill sets to create and advocate new tools, techniques, and implement new or change process to improve overall security operation, and strong team management with proven record in leading security teams.

✓ Understanding of common cyber attack techniques and methods, common types of malware, network protocols, OSI layers, OS internals (primarily Windows, but Linux & macOS is a plus)

✓ Strong knowledge on Public Cloud Security (AWS, Azure, GCB)Knowledge on cyber security and endpoint technologies, including EDR, DLP, CASB, PAM, IAM, Cloud security

✓ Endpoints: Familiar with Windows, Linux, MacOS and mobile devices

✓ Cloud: Good understanding of cloud computing on Microsoft M365, Azure, AWS

✓ Candidates with exposure to Governance, risk management, and compliance (GRC) will be of added advantage

✓ Proven track record on managing external vendors / Managed Services

✓ Proven track record of engagement with C-level business stakeholder is an added advantage

✓ Take change management and communication initiatives to facilitate the implementation of security solutions, leading security activities, clarifying the simplifying technical concepts/solutions to facilitate action and decision making

✓ Ability to coach, challenge, develop team in cross functional environments

✓ Manages efficient interactions with both internal and external

✓ Flexibility and abilities to learn new thing/skills fast

✓ Manages methodology, timing, budget and resource allocation from security structure perspective within the organization.