Senior Manager, Cybersecurity Operations

Job DescriptionGovernance, Risk & Compliance:Develop, maintain, and socialize cybersecurity control standards, and guidelines.Assist stakeholders on cybersecurity risk management program, including identification, assessment, treatment, and reporting of cyber risks.Drive implementation of cyber risk metrics and dashboards for executive and board-level reporting.Advise business and technology units on control design, residual risk, and exceptions.Technology & Architecture:Manage and maintain the organisation's security infrastructure, ensuring optimal performance and availability. Evaluate and recommend new security technologies and tools to enhance security capabilities. Collaborate with IT teams on the implementation and integration of security solutions.Team Leadership & Development:Lead, mentor, and develop a team of security analysts and engineers,fostering a collaborative and high performing environment. Lead efforts to advance the company's expertise in cybersecurity, setting a vision that inspires innovation and excellence.Assign tasks, set priorities, and monitor team performance to ensure efficient and effective security operations. Conduct regular team meetings, provide constructive feedback, and support the professional growth of team members. Contribute to recruitment and onboarding processes for new security operations personnel.Awareness & Engagement:Collaborate effectively with other IT teams, business units, and external vendors on security-related matters. Communicate security risks and recommendations clearly and concisely to both technical and non-technical audiences.Security Monitoring and Analysis:Oversee the continuous monitoring of security systems, including SIEM,intrusion detection/prevention systems (IDS/IPS), endpoint detection and response (EDR), and other security tools. Analyse security alerts and events to identify potential threats, vulnerabilities,and breaches. Develop and refine security monitoring rules, alerts, and dashboards to improve detection capabilities.Incident Response and Remediation:Lead investigations into security incidents and coordinate containment, remediation, and root cause analysis.Conduct post-incident analysis to identify root causes and implement preventative measures.Continuously improve the organization's incident response capability and playbooks.Communicate effectively with stakeholders during security incidents, providing timely updates and recommendations.Threat Intelligence:Stay abreast of the latest security threats, trends, and attack techniques. Utilise threat intelligence feeds to proactively identify potential risks and inform security monitoring and incident response efforts.Management of 3rd Party SecOps team:Define specific security responsibilities, performance metrics (KPIs), and service level agreements (SLAs) upfront. This ensures both parties understand the scope of work, expected outcomes, and accountability. Foster regular and transparent communication channels. Schedule consistent meetings, share relevant threat intelligence, and encourage collaborative problem-solving to ensure seamless integration and responsiveness. Establish clear processes for monitoring performance, conducting audits, and verifying compliance against agreed-upon standards and regulations. Regular reviews and feedback mechanisms are crucial for continuous improvement and risk mitigation.RequirementsBachelor's or Master's degree in Information Security, IT, Computer Science, or related field.Cyber Security related qualifications such as CISA, CISSP, CISM, CRISC, GIAC will be an advantage.Minimum 5 to 8 years of Cybersecurity operations working experienceWell verse in Security Standards such ISO27001 and NIST etc.Good understanding of IT Governance, Project Management and MethodologiesGood understand of various regulation/laws related to cybersecurity such as Cybersecurity Act 2018 (and CCoP 2.0), Singapore's Personal Data Protection Act (PDPA)Well verse in MITRE ATT&CK & D3FEND frameworkTechnical hands-on expertise and well verse in Security related products Firewalls, IDS/IPS, EDR, IAM, PAM, VMS, WAF, SIEM and PKI are preferredFamiliarity with financial services or critical infrastructure regulatory environments is an advantage.