Our client is seeking an experienced IT Security Specialist to oversee cybersecurity operations and to lead and manage incident response and investigation. You will work closely with a managed security service partner to perform initial risk assessment and to update relevant stakeholders so that incidents are resolved within agreed timelines.
Degree in Information Security, Computer Science and Engineering or equivalent;
At least 3 years of working experience within a cyber security operations environment, as well as in managing incident response;
Good knowledge of network protocols, i.e. TCP/IP, three-way handshake;
Experience in anti-malware, Intrusion Detection (IDS), Intrusion Protection (IPS) Systems, SIEM and Security Orchestration Automation and Response (SOAR) tools;
Well-versed in network packet analysis using Wireshark etc. and experienced in various operating systems, i.e. Windows, Linux, Unix;
Good understanding of internal processes, with a passion to seek improvements;
Good analytical skills with strong communication;
Good problem solver, able to carry out root cause analysis;
GIAC Certified Incident Handler (GCIH) or relevant incident response certification;
OSCP/CREST certification.
Responsible for the organization's cybersecurity incident response (IR) function;
Oversee the incident response plan, playbook and communication plan;
Act as the primary point of contact with the Managed Security Services Partner in response to threats and possible attacks and intrusions;
Assess and take appropriate response action to contain and manage the incident;
Ensure the Security Service Partner adheres to agreed levels of alert and response, with proper escalation and follow-through to the closure of incidents;
Conduct root cause analysis of security incidents and ensure control measures are implemented to prevent recurrence;
Research and oversee security initiatives/programs to improve and enhance detection and response/recovery capability within the organization.