AVP - Tech Lead, Cybersecurity Incident Response Analyst

Posted 17 November 2022
Salary 70-130K
Job type Permanent
Discipline Technology
Reference 42704
Contact JK Lee

Job description

Our client is a leading financial institution from an East Asian country with a global presence. With close to 60 years of business experience in Singapore as their Asia Pacific headquarters, our client provides a comprehensive range of corporate/wholesale banking solutions across 9 different regions covering a variety of industry sectors.

Job Overview

With increasing digitalization and online transactions, there is a need to further enhance cybersecurity capability. They are looking for a technical lead to assist the Group Head and Team Lead in improving the bank’s preparedness to deal with cyber incidents. You will develop digital investigation or forensic capability to respond to prevalent cyber threats, and establish operational playbooks to ensure the IT department can respond to, contain and recover from incidents in a concerted manner.

Responsibilities

  • Lead the technical investigations of cyber incidents and coordinate the technical response to identify root causes or workarounds to contain and recover from incidents

  • Act as the technical subject matter expert (SME) for IR-related topics or during incidents, such as specialized consultation or technical support in relation to IR.

  • Develop and document the CSIRT procedures and processes based on industry best practices and internal requirements

  • Coordinate and participate in cyber drills and conduct technical training to improve the IT department’s capability to deal with threats

  • Work with various teams to identify threats & strengthen the bank’s cyber-defence capability

  • Keep track of industry technical trends through participation in a professional association, practice communities and individual learning.

Requirements

  • Bachelor’s degree in computer science or equivalent

  • Ideally more than 7 years of experience in cyber incident response or a Security Operations Centre in an enterprise environment.

  • Experience in investigating major cyber incidents would be an advantage

  • Experience and expertise with standard enterprise security tools such as Firewall, Antivirus, SIEM, IDS/IPS, EDR etc.

  • Track record of operational experience with Splunk or similar log aggregation/analysis platforms

  • Years of experience in cyber forensic work such as memory analysis, timelining, evidence collection, compromise assessment etc.

  • Familiarity with utilizing EDR technologies

  • Expertise in Malware analysis & reverse engineering

  • Experience in multiple domains within IT or Information Security such as Identity and access management, IT infrastructure operations, Key management, system administration etc.

  • Strong understanding of various operating systems, networking and web technologies; professional security certifications would be a plus.
