Security Operations Centre
- Strategic planning for IT security investments and technology adoption to maximize effectiveness of IT security controls against rapidly evolving threats
- Develop and enhance the integrated Security Operations Centre (SOC) for advanced cyber threat monitoring and detection, early warning and active defence capabilities
- Work closely with internal and external stakeholders to manage the operations of the integrated SOC
- Develop and implement cyber resilience frameworks, standard operating procedures and playbooks for cyber security operations and incident response
- Ensure that cyber threats, risks and vulnerabilities are appropriately investigated and addressed promptly
- Coordinate the investigation of cybersecurity incidents with internal teams and cross-agency partners
- Work with partners to perform periodic rules tuning, streamline procedures and implement automation
- Lead and/or participate in various internal, external and international forums/projects on cyber security
- Background in Engineering, Computer Science or related fields
- 8 or more years of working experience in IT Security, with SOC or Incident Response operations experience preferred
- Hands-on experience implementing services/applications on Windows and/or Linux preferred
- Hands-on experience with prevalent SIEM tools preferred