Key Responsibilities:
- Lead and manage the Security Operations team, including SOC analysts, incident responders, threat hunters, and security engineers.
- Oversee 24/7 monitoring, detection, triage, analysis, and response to cyber threats and security incidents.
- Drive the design, implementation, and optimization of SOC tools and technologies (e.g., SIEM, EDR/XDR, SOAR).
- Develop and maintain robust incident response procedures, including playbooks and escalation protocols.
- Coordinate with stakeholders across IT, risk, and compliance functions to manage security risks and responses effectively.
- Lead cyber threat intelligence efforts to stay ahead of emerging threats and adapt defenses accordingly.
- Monitor key security metrics, prepare executive-level reports, and present updates to senior leadership.
- Ensure compliance with internal security policies and external regulatory requirements (e.g., NIST, ISO, MAS TRM).
- Manage relationships with third-party security vendors and service providers, ensuring SLA adherence and service quality.
- Conduct regular tabletop exercises, penetration tests, and post-incident reviews to identify gaps and drive continuous improvement.
- Contribute to the development and execution of the organization's overall cybersecurity strategy.
Qualifications:
- Bachelor's or Master's degree in Information Security, Computer Science, or a related field.
- Minimum of 10 years of experience in cybersecurity, with at least 5 years in a leadership role managing security operations.
- Proven experience leading SOC teams, managing incident response, and deploying security technologies.
- Strong knowledge of security frameworks (e.g., MITRE ATT&CK, NIST CSF, ISO 27001).
- Hands-on experience with SIEM, SOAR, EDR, threat intelligence platforms, and vulnerability management tools.
- Excellent leadership, communication, and stakeholder engagement skills.
Preferred Certifications:
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- GIAC certifications (e.g., GCIA, GCIH, GCFA)
- ITIL, PMP, or other project/operations management certifications are a plus
MORGAN MCKINLEY
EA Licence No: 11C5502
EA Name: Lim Sook Fern
Registration No: R1106192
