Senior Technical Manager, Cyber Defense Engineering
The Department
The Cyber Security Department is responsible for enhancing the resiliency of the Club's information, information systems and network infrastructure, as well as identifying security threats and vulnerabilities and effectively managing the risks. The team also works to ensure the Club's conformance to local cyber laws and regulations.
The Job
You will:
- Manage the Cyber Defense Engineering Team in the areas of Security Monitoring Use Cases & Playbooks and Endpoint Detection and Response (EDR) Rules (including development, testing and fine-tuning) through hiring, training, coaching, objective setting and performance management of team members
- Manage the external service providers and product vendors, ensuring the appropriate service level performance is established, monitored and met
- Provide oversight on backlog prioritisation, working with the Security Operations Centre (SOC) Team to ensure the appropriate prioritisation of issues and enhancements, including log source onboarding
- Ensure the correlation rules and response playbooks are tested and optimised to meet the performance and accuracy criteria
- Develop capabilities to monitor security logging coverage and availability, and response measures to alert the log source owners to remediate the log issues
- Lead the team to perform regular reviews and attack simulations, to identify potential detection gaps and remediate them
- Develop and maintain a mapping of the security monitoring use cases against the MITRE ATT&CK Framework, and the corresponding playbooks
About You
You should have:
- Degree in Computer Science, Information Security, and/or related discipline
- 12 years or more of working experience in the related field, with at least 5 years in an engineering role
- Strong experience covering technologies for Cyber Threat Intelligence, Security Monitoring & Cyber Security Incident Response
- High degree of logical and analytical thinking skills
- Excellent interpersonal, collaborative and communication skills
- Well-disciplined with exemplary professional competence and integrity
- Experience with the following services and technologies – SIEM, SOAR, Threat Intel Platform, Breach Attack Simulation, API, Python
- Industry-recognised certification in one or more of the following – CISSP, CISM, GCIA, GCIH, GSOC, etc.
Terms of Employment
The level of appointment will be commensurate with qualification and experience.
Enquiries
We are an equal opportunity employer. Personal data provided by job applicants will be used strictly in accordance with the Club's notice to employees and prospective employees relating to the Personal Data (Privacy) Ordinance, a copy of which will be provided immediately upon request.