Cybersecurity Manager - Threat Management and Incident Response

As a Cybersecurity Manager in the CISO office, you will lead incident response, threat intelligence, and use case development to protect the organisation from cyber threats.

The Role:

· To work closely with the security monitoring team and internal operations team to strengthen threat monitoring and detection of cyber threats within the scope of organization.

· Handle and document high and critical incident details, actions taken, and outcomes in incident tracking systems.

· Development of new playbooks and updates to existing playbooks where necessary.

· Respond to cyber security incidents and oversee investigations following established playbooks and procedures, including containment, eradication, and recovery steps.

· Collaborate with internal teams (IT, network, application) to investigate and resolve incidents.

· Perform threat analysis and contribute to continuous improvement of detection and response capabilities in MS Sentinel.

· Perform incident response drills- Quarter phishing red teaming and contribute to post-incident reviews and reporting.

· Support vulnerability management and threat activities as needed.

· To review and follow up on threat intelligence received from both internal and external sources.

Responsibilities include:

· Monthly and Quarterly SOC monitoring report;

· Incident Report(s)

· Monthly and Quarterly Incident Summary Reports

· Weekly/Monthly and Quarterly threat hunts during period of heightened alert(s) (if necessary)

· Quarterly Phishing Red Teaming Ex. report

Experience Required:

· 5–8 years of experience in cybersecurity, with focus on threat management and incident response.

· A team player and a great collaborator with a firm commitment to the team’s success

· Self-motivated with strong interpersonal and stakeholder management skills.

· Possess the Growth Mindset

· Bachelor’s degree in related area and/or with equivalent experience in cyber security training, e.g. CISSP.

· Exposure to IT risks assessment or technology audit work includes enterprise IT security, cyber security and/or cloud security services, e.g. AWS, Azure.

· Good knowledge on MS Sentinel.

· Strong knowledge and experience with Cloud security standards and cybersecurity frameworks like NIST, ISO27001, CSA Security-by-Design and Personal Data Protection Act, Essential 8 are essential.

· Up to date with knowledge on cyber security technologies and standards. Operational knowledge of and experience in SIEM and SOAR would be ideal.