Assistant Vice President, IT Security (Threat Management)
Great Eastern
Singapore
Permanent
Full-time
1 month ago
Job PurposeThe Threat Management Specialist will ensure the efficient and effective use of cyber threat intelligence to respond to cyber threats, orchestrate proactive threat hunts within Great Eastern networks. This role will also work with the SOC Manager to develop/fine-tune detection strategies, as well as respond to advanced cyber threats, not limiting to zero-day vulnerabilities.The Job· Responsible for the design and execution of periodic hypothesis-based proactive threat hunts within on-premises and cloud environments, driven by Cyber Threat Intelligence to uncover indicators of cyber threat activities.· Actively develop hunts based on specific MITRE techniques, translate them into an iterative process, and deploy them in appropriate security solutions.· Performs digital forensic preservation, maintain chain-of-custody and as well as electronic discovery.· Investigate EDR sources and perform forensic investigation where necessary.· Work closely with SOC and other teams in CSIRT during incident response to contain and mitigate attacks.· Point of contact for external attack surface monitoring and work with stakeholders to ensure remediation and reporting in a timely manner· Keep abreast in the development and advancement in cybersecurity technology and the Cyber Threat Intelligence landscape.· Leverages internal and external resources to research threats, vulnerabilities and intelligence on various threat actors and exploitation tools and platforms.QualificationsOur Requirements· Degree or related in information technology.· Relevant Industry Certifications such as CISSP, GIAC GSEC, GCIH, CEH or equivalent.· Professional certifications, including EnCE, GCIH, GCFE, GCFA, GREM, GNFA, GASF, GCTI, CISSP, or other SANS certifications.· Minimum 5 to 7 years’ experience in IT/Cyber Security Incident Response, Security monitoring, SOC functions, Threat intelligence or Threat Hunting.· Knowledge in cyber security framework and standards, and industry security standards, including application, systems, and network security best practices.· Knowledge in technology and cyber risk regulation and guidelines.To all recruitment agencies: Great Eastern does not accept unsolicited agency resumes. Please do not forward resumes to our email or our employees. We will not be responsible for any fees related to unsolicited resumes.
