Senior Manager, Group Information Security (Cyber Security Incident Response - IR Team Lead)

🌟 Hiring: Senior Manager GIS Cyber Security IR Lead – Malaysia (Client Location) | New Era Technology 🌟

Client Location: KL, Malaysia
Company: New Era Technology – www.neweratech.com
Work Type: Full-Time

Employment: Permanent

🚀 About the Role:

New Era Technology is looking for experienced Senior Manager GIS Cyber Security IR Lead to be deployed at our prestigious client in Malaysia at their KL office.

🛠️ Key Responsibilities:

PURPOSE

• Position of IR Team Lead
• Most senior incident responder with subject matter expertise
• Supports the pillar head of Security Monitoring and Incident Response in leading the Incident Response sub-function
• Provide visibility to the pillar head of Security Monitoring and Incident Response on the day-to-day operations of the team
• Lead the coordination, investigation, management, and resolution of a broad range of cyber-security incidents.
• Establishes processes and SOPs.
• Proactively identify, propose and drive the transformation and enhancement projects through the management and collaboration with relevant internal teams and external solutions providers to continuously improve the Group Cyber Security Incident Response Management, Detection and Monitoring processes and SOPs, performed by internal teams and vendors, leveraging automation and technologies available.
• Build knowledge and coach Business Units IT Security leads, to understand their role in Cyber Incident Management.

KEY ACCOUNTAIBILITIES

• Work with L1 and L2 Security Monitoring service providers to ensure L1/L2 resolutions meet the expected SLA and to enhance their monitoring, triage investigation processes capabilities prior to escalation.
• Oversee delivery of the L3 incident response team and ensure that they meet incident response SLA’s and SLO’s.
• Ensure L3 IR team is assigned tasks efficiently and keep track of work delegated from pillar head of SM&IR
• Coordinate IR functions with other related functions included that of Threat Intelligence, in collaboration with Threat Intelligence lead
• Investigate incident response cases to identify root cause, and coordinate with multiple internal teams and external solutions providers to remediate and resolve issues on a timely manner and effectively.
• Leverage detection and response solutions in place, to further assess and proactively address any escalated potential incidents
• Identify and drive continuous improvement of Cyber Incident detection, contextualization and response processes and tools, leveraging automation and orchestration where possible
• Manage and coordinate potential incidents escalations, for investigation, along with any required internal or external stakeholders
• Lead and manage the communication and coordination of Cyber Security Incident response actions with Business Units and ensure smooth and proper closure of the Incident Response cases
• Analyze the findings of Threat Intelligence and work with relevant internal teams and Business Units to coordinate and/or execute actions to ensure prevention, detection and response capabilities setup is maximized against those new threats.
• Perform in-depth analysis of malware or other potential malicious processes or software identified in the organization
• Coordinate and manage Cyber Security testing activities, and provide advice on remediation
• Develop, document and maintain SOPs and knowledge base for cyber security services relating to incident response, intelligence analysis, evidence acquisition, forensics recovery, and others
• Continuous knowledge improvement in tools and best practices in Cyber Security threat monitoring and incident response, including contextualization and automation
• Evaluate new emerging Cyber Security technologies and make recommendations for adoption within Client.

KEY PERFORMANCE INDICATORS

• Timely and accurate coordination and management of all incident response cases within SLA for self and the rest of the team
• Successful implementation of transformation and improvement initiatives to enhance Incident Response Management and Monitoring capabilities, with the support of Group IT Security Engineering teams
• Evolve Cyber Incident Monitoring, Contextualization and Response processes and SOPs, leveraging automation and technologies available
• Doing things right, creating synergies for the overall goals and objectives, along with a people first approach

EXTERNAL & INTERNAL CONTACTS

• Group CISO
• Pillar lead of Information Security Monitoring and Incident Response (lead of Cyber Fusion Centre)
• Threat Intelligence lead (peer)
• Security Operations Centre lead (peer)
• Group IT and IT Security Teams
• Business Units IT and IT Security Teams
• IT Vendors and/or Service Providers

QUALIFICATIONS / EXPERIENCE

• Minimum 6 years working experience in Cyber Security Incident Management
• Degree from Information Technology or equivalent discipline
• Desirable Certifications on: ECCouncil Computer Hacking Forensics Investigator (CHFI), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering
• Malware (GREM), GIAC Certified Forensic Analyst (GCFA)
• Regional experience in this role is preferred
• Experience in a team lead role desired

KNOWLEDGE & TECHNICAL SKILLS

• Able to train less experienced L1 and L3 team members to transfer skills and knowledge
• Excellent knowledge of Advanced Persistent Threats, attack tools, techniques, and methods used by adversaries
• Excellent knowledge of penetration testing services and techniques.
• Excellent written and verbal communication skills and ability to perform working under pressure (IT Security Incidents)
• Excellent management and coordination skills with solid influencing skills to drive remediation, resolution and changes in a regional and multicultural environment
• Ability to define, prioritize and execute process in a structured manner
• Experience in an operational capacity as part of IT Security incident response function
• Experience with networking and TCP/IP traffic, along with firewall, SIEM, IPS, EPP, EDR, APT, DLP, proxy, antivirus, anti-spam and spyware solutions.
• Experience conducting log and activity review, along with stream or packet capture, in support of intrusion analysis.
• Desirable: Certification in Crowdstrike or Carbonblack EDR solutions.
• Desirable: Experience on Splunk and QRadar SIEM solutions
• Desirable: Experience with a programming/scripting language

👤 Preferred Candidate:

• Nationality: Malaysians preferred.
• Availability: Candidates who can join max in 30-60days.

📧 How to Apply:
Send your updated resume to Sravani.Karri@neweratech.com with the subject line:
“Senior Manager GIS Cyber Security IR Lead – Malaysia”

🔗 About Us:
New Era Technology (www.neweratech.com) is a global IT services provider with a footprint in 80+ countries, delivering cutting-edge digital transformation, consulting, and staffing services across industries