Senior Assistant Director, Cyber Security (Cyber Security Defense)
Nanyang Technological University is one of the top universities in Singapore offering undergraduate and postgraduate education in engineering, business, science, humanities, arts, social sciences, education, and medicine.
NTU’s Centre for IT Services (CITS) manages the campus-wide IT Infrastructure, providing access to all Enterprise IT systems, Learning platforms, and Digital Media services. Within CITS, the Cyber Security team is responsible for governance, risk and compliance, as well as security architecture, consultancy, monitoring, incident response, threat intelligence, and digital forensic investigations.
We are seeking a Cyber Security leader to join our dynamic team. This role will collaborate with various NTU departments to enhance agility in detecting and responding to emerging threats aimed at NTU’s assets and services. The successful candidate will lead a team to plan, monitor, and maintain security operations, leveraging threat intelligence to drive effective incident response and mitigate cyber threats.
Key Responsibilities:
- Cyber Security Operations:
  - Lead and oversee the monitoring and maintenance of security operations.
  - Advise on security technologies and introduce innovative concepts to strengthen the organization’s security capabilities.
  - Continuously review and improve the efficiency of existing security operations programs.
  - Develop policies, standards, and procedures to ensure the effectiveness of security operations programs.
  - Ensure the development of contingency plans and disaster recovery procedures for the systems managed under the security operations program.
- Cyber Security Incident Management:
  - Manage and direct team members to conduct cyber security incident investigations, covering detection, triage, analysis, response, and recovery.
  - Provide training and oversight for team members in digital forensic investigations.
  - Coordinate incident responses with external entities such as government agencies and CERTs.
  - Collaborate with stakeholders to implement remedial actions following security incidents.
  - Stay informed on emerging cyber threats and actor tactics from various intelligence sources.
  - Plan and execute cyber security tabletop exercises to enhance preparedness.
  - Plan and review the enhancement of system performance and direct the Computer Security Incident Response team in the development of new use cases to improve our cyber threat detection capabilities.
  - Oversee root cause analysis during system outages, ensuring timely troubleshooting and continuity of operations.
  - Identify gaps in security processes and recommend tools, software, or measures to strengthen the team’s capabilities and NTU’s overall security posture.
- Cyber Security Engineering:
  - Serve as a recognized industry expert in cyber defense within the cyber security domain.
  - Oversee the development and maintenance of NTU’s security architecture for Cyber Defence.
  - Translate security architecture into solutions to improve Detection and Response capabilities.
  - Ensure the alignment of security governance with enterprise architecture governance.
  - Act as a security expert in application, systems, and network development.
  - Ensure compliance with cyber security policies and regulations.
  - Establish frameworks and determine relevant tools and techniques to guide the development of IT solutions.
  - Establish internal structures and processes to guide the exploration, integration, and evaluation of new technologies.
- Organization Security Improvement Program:
  - Lead multiple security projects to enhance NTU’s overall security posture.
  - Explore and implement new technologies to strengthen NTU’s security capabilities.
Requirements:
- Degree in Computer Science, Computer Engineering, or a related field. Professional certifications such as CISSP, CISA, CISM, or GIAC are advantageous.
- At least 10 years of IT experience with 5 years in Security Engineering, Operations, and/or Incident Response Management.
- Experience leading Cyber Defence Operations or a Security Operations Centre (SOC) will be an advantage.
- Proficient in cyber security incident detection and response practices and/or processes, including NIST Incident Handling Guidelines, Cyber Kill Chain, MITRE ATT&CK Framework.
- Experience with cyber security tools such as Security Information & Event Management (SIEM), Endpoint Detection & Response, Threat Intelligence, and Privileged Access Management solutions.
- Skilled in conducting security audits, implementing controls, and applying mitigating measures on enterprise security systems.
- Strong managerial, interpersonal, and organizational skills.
- Ability to multi-task, work under pressure, and deliver results in a timely manner.
- A tenacious problem-solver with the ability to navigate ambiguity and foster open discussions to reach consensus.
- Demonstrated leadership abilities, with a talent for motivating and inspiring teams.
Suitable candidates with higher qualifications or more years of relevant and demonstrable experience may be considered for a higher appointment grade.
We regret that only shortlisted candidates will be notified.