AVP, Cyber Threat Response

Found in: Talent MY C2 - 1 week ago


Alor Setar, Malaysia Nityo Infotech Full time
Our Ideal Candidate

  • Diploma or higher educational qualification in Engineering, Computer Science / Information Technology or an equivalent qualification in a relevant discipline.
  • 9 years of experience in Information Security, preferably in the Banking and Financial Services sector, with 4 years of hands-on experience working in a Security Operations Centre (SOC).
  • The following certifications are desirable but not mandatory: ISC2 Certified Information Systems Security Professional (CISSP), ISACA Certified Information Security Manager (CISM), EC Council Certified Ethical Hacker (CEH), EC Council Certified Security Analyst (ECSA), SANS GIAC Certified Incident Handler (GCIH), CERT Certified Computer Security Incident Handler (CSIH), Axelos Information Technology Infrastructure Library (ITIL) v3 Foundation.

Role Specific Technical Competencies

  • Knowledge in breadth and reasonable depth of Cybersecurity Incident Analysis and Response and Cybersecurity Defensive Operations (Blue Team) in complex organizations.
  • Strong understanding of the current cyber threat landscape as well as current risks, vulnerabilities, and threats.
  • Comprehensive knowledge of IT Service Management (ITSM) processes within a recognised framework (ITIL, COBIT).
  • Strong understanding of core Enterprise Information Technology and Computer Networking concepts (Desktop / Laptop, Mobile Device, Server, Network Device, LAN and WAN).
  • Strong understanding of enterprise directory management solutions (Active Directory, LDAP) and related functions such as Group Policy and Single Sign On.
  • Working understanding of digital forensics.
  • Working understanding of application security within the OWASP framework.
  • Exposure to working with Managed Security Service Providers (MSSPs) and third party vendors and suppliers.
  • Strong understanding of Audit, Compliance, Governance, and reporting.
  • Exposure to Endpoint Security and Endpoint Detection and Response solutions, preferably Symantec.
  • Exposure to Network and Email Security solutions, preferably Symantec.
  • Exposure to Security Information and Event Management (SIEM) solutions, preferably Splunk ES.
  • Exposure to Security Orchestration, Automation, and Reporting (SOAR) solutions, preferably Splunk Phantom.
  • Exposure to case management solutions.
  • Exposure to Database Activity Monitoring solutions.
  • Exposure to Privileged Session Management solutions.
  • Exposure to WAN traffic management and DDoS mitigation solutions.
  • Demonstrated ability to solve multiple, interconnected problems of high complexity and come up with innovative, forward-thinking solutions.
  • Self-motivated and able to work independently. Comfortable with working remotely for extended periods if required.
  • Excellent oral and written communication skills, with English at ILR Level 4 or better.
  • Basic familiarity with Microsoft Office or similar productivity software, with the ability to produce documents, spreadsheets, and presentations of high complexity.
  • Demonstrated ability to work with a diverse, geographically-dispersed team.

Experience Required

9 - 15 Years

Industry Type

IT

Employment Type

Permanent

Location

Malaysia

