Our client is a leading enterprise with a sophisticated technology presence in the region. As a Cyber Security Incident Manager, you will be the driving force during critical security events. You’ll command the incident response process—from initial detection through to detailed post-incident analysis and remediation. Your role is pivotal in coordinating cross-functional teams, guiding remediation efforts, and ensuring continual process improvement, all while keeping key stakeholders informed and confident in the cyber defenses. This is a permanent position.
Key Responsibilities:
Incident Response Leadership:
Critical Coordination: Serve as the pivotal point during major cyber security incidents. Spearhead response efforts with a clear containment strategy, ensuring that critical stakeholders receive timely situational updates.
Stakeholder Liaison: Act as the bridge between key stakeholders and all designated responder groups, ensuring clarity and unity during and after incidents.
Incident Management and Oversight:
Follow-Up & Remediation: Oversee the full lifecycle of cyber security incidents by directing remediation actions. Ensure that every incident is thoroughly analyzed and addressed, and that recurrence is prevented.
Alert & Events Review: Evaluate the handling of security alerts/events processed by L1/L2 Analysts to confirm adherence to playbooks and service level agreements.
Advanced Threat Analysis:
Root Cause Analysis: Dive deep into threats to identify not just what happened, but why it happened. Formulate and execute strategies to neutralize the root causes effectively.
Process & Playbook Management:
Continuous Improvement: Maintain, update, and refine the Cyber Security Incident Response processes along with scenario-based response playbooks, ensuring the practices stay ahead of emerging threats.
Cross-Function Collaboration:
Unified Standards: Work seamlessly with various functions, technology teams, and cyber risk controls to ensure that guidelines, standards, and policies are applied consistently across the board.
Leadership and Development:
Personal Growth & Team Building: Align your professional growth with the business objectives. Play an active role in transforming and pushing forward the capabilities of the team and department.
Diversity & Inclusion: Embrace and promote a culture of inclusivity, trust, and respect. Model collaboration and support cross-team engagements to foster a unified work environment.
About You – Qualifications and Experience:
Educational Background:
A University Degree in Computer Science, Software Engineering, or a related discipline.
Industry Certifications (at least one):
Credentials such as CISSP, GIAC (Incident Handler or Intrusion Analyst), OSCP, or comparable certifications.
Experience:
A minimum of 15 years overall, with at least 8 years dedicated to cyber security in a regional or global capacity.
Technical & Methodological Expertise:
Solid understanding and experience with the NIST “Computer Security Incident Handling Guide” or an equivalent framework.
Proficient in developing and using SIEM, SOAR, UEBA, and Threat Intelligence platforms.
Extensive hands-on knowledge of security tools such as Splunk, XSOAR, Threat Intel Platforms, and UEBA technologies.
Deep expertise in Windows and UNIX OS internals, along with TCP/IP and network fundamentals.
Familiarity with cloud platforms including Amazon Web Services, Azure, Google Cloud Platform, Tencent Cloud, and Alibaba Cloud.
In-depth understanding of frameworks and concepts such as MITRE ATT&CK & D3FEND, the Cyber Kill Chain, Incident Response methodologies, Threat Hunting, and the Threat Intelligence Lifecycle.
Communication Skills:
Outstanding verbal and written communication abilities. You should be able to translate highly technical topics into clear, understandable insights for both executive leadership and non-technical audiences.
Additional Expertise:
Experience in researching threat actors and critically assessing their risk levels.