Forensic and Incident Response - Deputy Director
ABOUT THE COMPANY
A leading organisation in the Healthcare Technology sector, transforming healthcare through smart technology and latest innovations. The company who value talents, who promotes talents achieving career progression.
The Cybersecurity Incident Response (CSIR) DD is accountable to ensure the efficient and effective detection, triage and response to cybersecurity events and/or incidents. The CSIR DD will ensure the Security Operations Centre (SOC) understand the cyber threats faced by the Healthcare Sector, continuously enhance its detection tools and provide 24x7 monitoring of events for suspicious activities. In addition, the CSIR DD will work with the Incident Management team to ensure that events and/or incidents are appropriately analysed and responded to.
- Strategic planning for investment and/or adoption of cybersecurity technologies to maximize effectiveness of cybersecurity controls against rapidly evolving threats
- Work closely with internal and external stakeholders to manage the operations of the SOC
- Ensure continuously enhancement of the SOC for advanced cyber threat monitoring, detection, analysis and response through the use of threat intelligence and automation
- Ensure that the Incident Management team can efficiently and effectively analyse and respond to events and/or incident while following the appropriate procedures and playbooks
- Lead and drive the management of cybersecurity incidents as the cybersecurity incidentresponse manager
- Drive continuous improvement of the Incident Response framework, Cybersecurity Event Management and Incident Response Plan, Standard Operating Procedures and Playbooks for cyber security operations and incident response
- Empower the incident management team to innovate and challenge traditional operations of security monitoring & response
- Mentor, train and provide oversight for cybersecurity analysts and incident responders
- Track and analyse cybersecurity metrics for optimal effectiveness, benchmarking and management reporting
- 10 or more years of experience in security operations including management of Security Operations Center (SOC) and leading cybersecurity incident response and forensic
- Experience in conducting detailed investigations and analysis of cyber security events
- Strong interpersonal skills with the ability to communicate with internal and external stakeholders including explaining technical concepts to non-technical recipients (technical and non-technical)
- Ability to be autonomous but proactive in reaching out for support
- Familiarity with the Kill Chain Methodology, MITRE ATT & amp; CK Framework, NIST Cybersecurity Framework (CSF), etc.
- Bachelor and/or Master degree in Computer Science, Engineering or equivalent
- Relevant certifications in cybersecurity, e.g. CISSP, CISM, GCIH, GCFA, GNFA or similar
MORGAN MCKINLEY PTE LTD
EA Licence No: 11C5502
Registration No: R1876903
Registration Name: Shalu Surana