Job Description - Assistant Manager - Cyber Security Defensive Operation Analyst (MER0003F0L)
Assistant Manager - Cyber Security Defensive Operation Analyst
Group: Mercedes-Benz Group AG
Description
The Mercedes-Benz AG Group CISO heads Mercedes-Benz’s Global Cyber Security Department (based in Stuttgart, Germany). We are looking for a Cyber Security Defensive Analyst to join our Cyber Intelligence and Response Centre (CIRC). The Global Cyber Security Department oversees a 24/7 follow-the-sun operation with counterparts in EMEA and NAFTA. This role focuses on providing an intelligence-driven approach towards incident response affecting any Mercedes-Benz assets and providing containment, eradication, and recovery of affected assets involved in a cybersecurity incident in a timely and efficient manner.
Furthermore, the role requires the mitigation of identified threats, addressing identified vulnerabilities, and providing incident coordination towards internal stakeholders and external customers. The role is crucial in enabling Mercedes-Benz's business by ensuring agile security operations and maintaining a secure environment.
As a Cyber Security Defensive Analyst, you will be responsible for:
- Conducting technical analysis and triaging of triggering alerts ingested from Mercedes-Benz log sources to determine impact, scope of impact, and determine corresponding remedial actions to mitigate, contain and/or otherwise limit the impact of the incident.
- Analysing, triaging, and processing security threats to identify potential risk gaps and corresponding organizational impact by conducting in-depth analysis of the identified threat, attack vector or intelligence information.
- Working closely with the CIRC threat intelligence team to aid in the enhancement of contextual analysis and providing threat hunting support towards Open Source Intelligence (OSINT) related Indicators of Compromise (IoCs).
- Taking the lead in managing Mercedes-Benz end users and stakeholders in providing cybersecurity incidents updates and other related activities that might arise from time to time during the incident coordination, remediation, and recovery.
- Providing duty analyst support for the CIRC operations during weekends, utilizing a pre-defined duty roster, ensuring the continued operations and monitoring of threats and triggering alerts 24 by 7, follow the sun model.
- Coordinating projects assigned by the Head of Global Defensive Operations towards the rollout, implementation, and acting as the point of contact for local stakeholders towards the implementation and coordination of the projects assigned.
- Providing technical inputs towards the virtual teams as assigned by the Head of Global Defensive Operations towards the operational directions, method determination, and other related administrative support required from time to time.
- Providing guidance and technical support in mentoring and guiding newer members of the team in technical and incident management skills and processes.
Qualifications
- Degree from a reputable university or significant coursework in Computer Science, Networking, Engineering, or other computer-related fields of study.
- One or more of the following professional certification is beneficial: CISSP, GCIH or similar.
- Have good emotional intelligence and is a proven team player.
- Rational and able to remain calm under pressure.
- Fluency in the English Language.
- Effective oral and written communication skills.
- Good timekeeping ability to cope with a tight deadline and achieve operational objectives.
- Self-motivated with the ability to carry out assigned tasks with minimum supervision.
- Proficient understanding of cyber and IT security risk, threat, and prevention measures.
- Proficient understanding of networking and network security technologies.
- Good understanding of forensic tools and methodology used in incident response.
- Good knowledge of security standards and best practices.
- Good understanding of various operating systems.
- Good understanding of the Cyber Kill Chain and the ability to display clear analytical skills.
- Previous experience in a corporate or enterprise environment, engaging with and responding to a diverse array of internal stakeholders, including senior management.
- Knowledge of Microsoft Office suite (Word, Excel, PowerPoint, and Access).
- Knowledge of Splunk is beneficial.
This position is based in Singapore and a valid and approved work visa is required for employment in Singapore in accordance with local labour law regulations. Candidate may be offered a lower job level based on candidate’s experience. We regret to inform you that only shortlisted candidates will be notified.