This role exists to lead and manage teams in the provision of Cyber Threat Intelligence and Cybersecurity Digital Forensics Incident Response to secure the Telecommunications and Media sectors and support national cybersecurity efforts within the vision and mission of IMDA.
Job Responsibilities
- Manage the team to ensure cybersecurity incident response is well managed, including incident scoping and containment, and direct post-mortem activities involving log analysis, digital forensics and malware analysis to identify the root cause and data exfiltration risk, and to ensure recovery and remediation measures are effective for a successful closure of the incident investigation.
- Prepare and review cyber incident reports for senior management. Present incident briefings covering the attack techniques and malware behaviours observed, risk and impact, and answer enquiries from various stakeholders.
- Guide the team performing research and analysis of emerging or relevant cybersecurity threats impacting the Telecommunications and Media sectors, with threat assessment and sectoral impact. This includes attack techniques, vulnerabilities and exploits, threat detection rules, signatures (e.g., YARA, Snort), and recommendations to detect or prevent related threats. Oversee the production and dissemination of regular or ad-hoc threat intelligence reports to key stakeholders, including advisories or alerts to operators, according to Standard Operating Procedures.
- Supervise Security Engineers to ensure implemented systems and technologies support operational capabilities and comply with IT standards. This includes strategy and planning to build and operate an Incident/Alert management system and a Threat Intelligence Platform integrated with intelligence sources, to synthesize intelligence across the sectors for dissemination and response.
Job Requirements
- Background in Information Security/Technology, Computer Science/Engineering related qualification
- 12 years or more of working experience in enterprise cyber security incident investigations, digital forensics or cyber threat intelligence related areas, and in leading such teams
- Experience preparing and presenting threat briefings to information security and technology stakeholders in senior management, operations and to customers
- Experience publishing cyber threat, campaign or vulnerability exploit research
- Knowledge in telecommunications, broadcast, media equipment and technologies, enterprise environments
- Relevant professional certifications including GIAC GCFA, GREM, GCFE, GCIH or CREST CCTIM, CRTIA, CPTIA
- Proficiency in forensic toolkits such as Magnet AXIOM, EnCase, X-Ways, FTK or Autopsy, or in Threat Intelligence Platforms
- Strong analytical skills with passion to overcome challenges
- Strong influencing and communication skills