Security Operations, Consultant
Location: SG-Tampines Agency Building | Posted 30+ Days Ago | Job requisition ID: JR-54837
At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone.
As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.
If you believe in developing a better tomorrow, read on.
About the Role
To lead and manage the day-to-day operations of the Security Operations Center (SOC) team, ensuring the proactive identification, assessment, and mitigation of cyber threats across the organization. This encompasses overseeing security monitoring, incident response, threat intelligence analysis, and the continuous improvement of security posture. The Security Operations Manager is responsible for building and leading a high-performing team, driving strategic initiatives, and ensuring compliance with relevant security standards and regulations.
Security Threat Monitoring, Prevention, and Incident Response
- Lead and manage the SOC team in real-time monitoring of security events and alerts from various sources (e.g., SIEM, firewalls, endpoint detection and response).
- Maintain oversight of all alerts from MASNET and Group SOC, and provide support to incident response personnel to ensure all actions and deliverables are achieved within SLAs.
- Manage end-to-end incident handling and management according to established response processes, and act as the subject matter expert where established processes require enhancement.
- Implement and enhance incident response playbooks and procedures to ensure timely and effective handling of security incidents, including: 1) Triage and initial assessment of security events; 2) Deep dive investigation and root cause analysis; 3) Containment, eradication, and recovery activities; 4) Post-incident review and lessons learned documentation.
Security Posture Management
- Maintain oversight of the related security posture baselines in the areas of cloud security, network security, endpoint security, and server security compliance.
- Ensure identified security vulnerabilities are remediated or mitigated, as per the vulnerability management processes.
- Continuously improve the organization's overall security posture through proactive security enhancements and automation.
- Lead discussion and remediation with relevant teams to resolve identified issues, explaining the risk, severity, and mitigations.
- Work collaboratively with the security governance and compliance team to identify and address security gaps raised by both external and internal audits.
Security Operations Metrics
- Provide oversight and tracking of security operations metrics, including the security baseline in the areas of cloud security, network security, endpoint security, and server security compliance.
- Lead the development of various security operations reports for management attention and highlights.
Security Operations Initiatives
- Drive security initiatives and projects, and act as the local point of contact with Group for security project facilitation.
- Provide direction and guidance to, and collaborate with, each SME for cloud security, network security, endpoint security, and server security compliance on various security operations initiatives.
Identity Access Management (IAM) Governance
- Manage the end-to-end lifecycle of privileged IDs, from creation through vaulting, use, review, and deletion.
- Lead the review of user access rights and privileged IDs to identify and remediate any misconfigurations or unmanaged privileged IDs.
- Oversee the operationalization of Identity and Access Management (IAM) policies and procedures into daily practice.
- Lead the implementation, deployment, and enhancement of IAM projects, and liaise with Group Information Security.
Requirements
- University degree in one of the following or related disciplines (Computer Science, Computer Engineering, Information Security, Information Systems).
- 12 years of tech experience, with at least 7-10 years of experience in cyber security in a regulated environment (e.g. bank, insurance, etc.).
- Strong knowledge of cybersecurity incident management covering identification, containment, response, recovery and reporting.
- Strong knowledge of Cloud, Cyber Monitoring, Vulnerability Management, and Cyber Threat Intelligence. Exposure to computer security forensics would be an advantage.
- Ability to take the lead and drive the investigation of complex security issues, with strong analytical and problem-solving skills.
- Self-driven professional with a high interest in the world of technology, especially cyber security.
- Hands-on experience in cyber security incident scenario preparation and tabletop exercises.
- Technical understanding of enterprise networks and the various components of operating systems, applications, and databases in a cloud environment, how they are exploited, and how to defend them.
- Experience implementing a variety of security tools and documenting the process.
- Familiarity with MAS TRM regulatory requirements.
- Excellent interpersonal and communication skills, with the ability to deliver the key message of “why” and “how” certain things are needed for remediation, explaining the risks, severity, and impact.
- Preferably a holder of one or more of the following information security qualifications: CISSP, CEH, GSOC, CSA, ECSA, or similar.
Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.
You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.