Oversee our company's cybersecurity Incident Response function, including IR plan, playbook, communication plan
Ensure timely response to security alerts, detections and incidents with proper escalation, follow through and closure of incidents
Primary point of contact for our Managed Security Services Partner (MSSP) to respond to monitored threats and possible intrusions and take the appropriate response actions to contain and recover from cybersecurity incidents
Responsible for ensuring the MSSP's timely response to security alerts, detections and incidents with proper escalation, follow through and closure of incidents.
Conduct security incident root cause analysis and ensure implementation of control measures to prevent incident re-occurrence.
Oversee and manage security initiatives/programs to enhance detection and response/recovery capability within the company
Degree in Information Security, Computer Science or Engineering or equivalent with a minimum of 3 years in cybersecurity incident response or security operations
Working experience in SOC/CERT environment or GCIH or similar security certification is an advantage
Analytical, communication, problem-solving and root cause analysis skills
Passion for process improvement
Familiar with TCP/IP, anti-malware solutions, intrusion and endpoint detection and response systems, SIEMs and security orchestration & response tools
Network packet/netflow analysis experience and system administration experience on Windows, Unix and Linux operating systems