Senior Technical Manager, Cyber Incident Response

The Job

You will:

  • Play a critical role during major cyber security incidents, coordinating the response effort (in particular the response and containment strategy) and providing regular situational updates to key stakeholders

  • Take charge of cyber security incident management, providing coordination and oversight of the follow-up and remediation actions identified, and liaise between key stakeholders and the relevant responder group(s)

  • Deliver advanced analysis of the threat, identify the root cause of the incident and drive its remediation

  • Review cyber security alerts/events handled by L1/L2 analysts, ensuring they are handled effectively according to the playbook and within SLA

  • Maintain and develop the Cyber Security Incident Response processes and cyber scenario-based response playbooks on an ongoing basis

  • Work across business functions, technology teams and cyber risk controls to ensure that guidelines, standards and policies are applied consistently

  • Align personal development plan with business objectives and embrace the transformation to move the team/department forward

  • Participate in and contribute positively to creating a diverse and inclusive culture of trust and respect; play an active role in supporting cross-team/division/department efforts and model collaborative behaviours

About you

You should have:

  • University Degree in Computer Science, Software Engineering or a related discipline

  • One or more industry-recognised Cyber Security certification such as CISSP, GIAC (Incident Handler, Intrusion Analyst), OSCP, etc.

  • 15+ years of experience with at least 8 years in cyber security in a regional or global capacity

  • Familiarity with the NIST “Computer Security Incident Handling Guide” (NIST SP 800-61) or a similar incident handling framework

  • Experience with using and developing SIEM, SOAR, UEBA and Threat Intel Platforms

  • Strong verbal and written communication skills, with the ability to explain technical topics to management and non-technical audiences

  • Knowledge of a broad range of cybersecurity controls

  • Ability to handle rapid-response situations and to communicate detailed findings, evaluations and risk assessments to other teams clearly and effectively

  • Deep understanding of Windows and UNIX OS Internals, and TCP/IP fundamentals

  • Knowledge of cloud service platforms such as Amazon Web Services, Azure, Google Cloud Platform, Tencent Cloud and Alibaba Cloud

  • Hands-on experience with Splunk, XSOAR, Threat Intel Platform, UEBA technologies, etc.

  • Deep understanding of MITRE ATT&CK and D3FEND, the Cyber Kill Chain, incident response, threat hunting and the threat intelligence lifecycle

  • Experience in researching threat actors and assessing the level of threat they pose

Terms of Employment

The level of appointment will be commensurate with qualification and experience.

Enquiries

We are an equal opportunity employer. Personal data provided by job applicants will be used strictly in accordance with the Club's notice to employees and prospective employees relating to the Personal Data (Privacy) Ordinance, a copy of which will be provided immediately upon request.
