Manager, Technological Risk Management

If you are looking to excel and make a difference, take a closer look at us Functional _(job responsibilities):_ Cyber Incident Management - Being the point of contact to drive all cyber incidents managed by CERT - Create incident reports - Oversee all aspects of incident management process from evaluation to resolution - Coordinate the activities of analysts and parties external to the CERT involved incident response - Recognizing common attacker tools, tactics, and procedures - Assist with the collection and aggregation of performance metrics. - Drive incidents to a conclusion based on SLAs and criticality level - Keep incidents status up to date through regular updates Threat Intelligence/Security Analysis/Compromise Assessment - Maintain daily communication with analyst team - Monitor intelligence sources to maintain situational awareness of cyber threat landscape - Researching and developing new digital forensics scripts, tools, and methodologies - Collaborate with Security Operations functions to analyze/assess threat intelligence. - Collaborate on defining intelligence requirements to support overall cybersecurity strategy and operations. - Interface with Vulnerability Management team as appropriate to share threat intelligence information. - Incorporate threat intelligence into security operations capabilities & maintain repository for threat intelligence. Planning and Cyber Drills - Define improvement over incident playbooks - Coordinate Red team exercises and drive improvement plans (as required) Member of the following committees: - IT Operations Committee (as required) Managerial _(team/group responsibilities):_ Be a good team player to ensure strong team spirits and deliver quality results Engage with business stakeholders and wider security operations team to deliver effective Cyber Emergency Response Continuously develop CERT processes/procedures and enhance threat intelligence/analysis capabilities to contribute to the overall cyber-security operations. Organizational _(organizational responsibilities):_ Inculcate proactive Cyber risk management culture in the Bank Proactively lead/coordinate on implementation of strategic cyber resilience programs. Jobholder Requirements: Education/Qualification - Degree or Masters in Information Technology or Computer Science (Majoring in IT Security) will be of added advantage Experience - >= 5 years of working experience in threat intelligence, security monitoring, incident response and forensics lifecycle - 3 years of experience triaging security events using a variety of tools in a security operations environment. - 3 years of experience with packet flow, TCP/UDP traffic, firewall technologies, IDS technologies, proxy technologies, Data Loss Prevention (DLP) and antivirus, spam and spyware solutions. - 5 years of experience conducting incident response activities and seeing incidents through to successful remediation. Special Skills - Familiarity with risk management and controls frameworks, cyber kill chain and NIST Incident response life cycle - Experience in dealing with cyber incidents - Deep knowledge of computer networking concepts and protocols (including OSI and TCP/IP layer models) and network security methodologies. - Deep understanding of threat intelligence life cycle. - Strong understanding of network traffic analysis methods including packet-level analysis. - Proven experience in security operation and monitoring - Working knowledge about SIEM architecture - Being able to work with a diverse set of stockholders in the organization from technical through to senior management. - Strong written and verbal communication skills - Understanding crisis management, business continuity and disaster recovery procedures - Ability to understand technical topics dealing with technical teams and explain and present them to management level executives - Being able to handle multiple competing priorities in a fast-paced environment to proceed high priority tasks to a resolution - About Hong Leong Bank_ - We are a leading financial institution in Malaysia backed by a century of entrepreneurial heritage. Providing comprehensive financial services guided by a Digital-at-the-Core ethos has earned us industry recognition and accolades for our innovative approach in making banking simpler and more effortless for our customers. Our digital and physical offerings span across a vast nationwide network in Malaysia, strengthened with an expanding regional presence in Singapore, Hong Kong, Vietnam, Cambodia, and China._ - We seek to strike a balance between diversity, inclusion and merit to achieve our _ - mission of infusing diversity in thinking and skillsets into our organisation._ - are assessed based on merit and potential, in line with our mission to attract and recruit the best talent available. _ - Expanding on our “Digital at the Core” ethos, we are progressively digitising the employee journey and experience to provide a strong foundati