Loading...
Share this Job

ASOC Manager

Date: 25-Mar-2021

Location: Singapore, Singapore

Company: Singtel Group

 

    1. ASOC Manager
  1. - 2.4.1  

The ASOC Manager’s responsibilities shall include, but not limited to the following tasks:

 

  1. Overseeing and coordinating the activities of the ASOC personnel supporting the monitoring and incident response;
  2. Collaborating with IHiS to ensure that effective monitoring is implemented for all environments;
  3. Ensuring that processes and procedures are followed;
  4. Leading the execution of response procedures to confirm, track and resolve cyber security incidents;
  5. Advising IHiS on initial incident activities and subsequent incident activities;
  6. Ensuring that IHiS’ senior management is informed of key situations that require escalation;
  7. Providing weekly and monthly updates.

 

  1. - 2.4.2  

The ASOC Manager shall have the following qualifications:

 

  1. At least FIVE (5) years of experience working in a Security Operation Center of similar size with the portfolio as a Security Operation Center Manager;
  2. Relevant training on the proposed products, and has obtained professional certification such as GIAC Continuous Monitoring Certification (GMON), GIAC Information Assurance Certified Intrusion Analyst (GCIA), GIAC Information Assurance Certified Incident Handler (GCIH) or Certified Information Systems Security Professional (CISSP), or equivalent;
  3. The necessary soft skills. The ASOC Manager shall be continually assessed on his/her interpersonal skills and strong communication skills.

 

 

 

    1. Threat Monitoring Analyst (Security Analyst)
  1. - 2.5.1  

The Threat Monitoring Analyst’s responsibilities shall include, but not limited to the following tasks:

 

  1. Providing continuous technical monitoring (such as intrusion identification, event correlation and threat containment), detection, correlation, analysis and support involving handling of cyber event such as identifying user security issues;
  2. Performing initial analysis (e.g. analysing and reviewing alerts, eliminating false positives and determining severity of threats) to determine impact of compromise;
  3. Determining the nature, mechanisms and scope of incident by performing event correlation and historical searches to determine the extent of a security compromise;
  4. Performing event correlation across the In-Scope Institutions to identify similar attack pattern and spread of attack;
  5. Handling case management, generating tickets and reports when required, and tracking open tickets until closure;
  6. Generating incident or investigative reports.

 

  1. - 2.5.2  

The Threat Monitoring Analyst shall have the following qualifications:

 

  1. At least TWO (2) years of experience working in a Security Operation Center with security monitoring and escalation of threats responsibilities;
  2. Relevant training on the proposed products, and has obtained professional certification such as GIAC Information Assurance Certified Intrusion Analyst (GCIA), GIAC Information Assurance Certified Incident Handler (GCIH), or equivalent.

 

 

 

    1. Incident Investigation Analyst (Threat & Intel Analyst)
  1. - 2.6.1  

The Incident Investigation Analyst’s responsibilities shall include, but not limited to the following tasks:

 

  1. Performing detailed system analysis and correlation to identify pattern of intrusion;
  2. Creating use cases for detecting similar intrusion;
  3. Identifying new or useful Indicator of Compromise;
  4. Conducting researches and evaluating trends in remediation approaches;
  5. Creating and maintaining procedures for utilising the EDR and NDR tools.

 

  1. - 2.6.2  

The Incident Investigation Analyst shall have the following qualifications:

 

  1. At least FOUR (4) years of experience working in a Security Operation Center with security monitoring and escalation of threats responsibilities;
  2. Relevant training on the proposed products, and has obtained professional certification such as GIAC Information Assurance Certified Intrusion Analyst (GCIA), GIAC Information Assurance Certified Incident Handler (GCIH), or equivalent;
  3. The necessary soft skills. The Incident Investigation Analyst shall be continually assessed on his/her interpersonal skills and strong communication skills.

 

 

    1. Incident Responder
  1. - 2.7.1  

The Incident Responder’s responsibilities shall include, but not limited to the following tasks:

 

  1. Being on standby for 24/7 to execute the incident response process according to the incident response standard operating procedure, and to work closely with the IHiS Threat Hunting team to effectively scope and contain incidents;
  2. Conducting research and continuously improving investigative methodologies and techniques, including hard disk drive, network, and memory forensics and investigating systems for malware and reverse engineering malware;
  3. Conducting and documenting research on IHiS and the In-Scope Institution to better understand the environment, as well as researching and documenting critical services and systems. Incident response toolkits shall be regularly tested on identified critical services and systems;
  4. Regularly conducting meetings with IHiS to improve the incident response plan and associated documentation, run through table-top dry runs to drill all parties in responding effectively, present the latest threats, attacks and gaps in the In-Scope Institution's environment and work out how to improve the incident response procedures to match industry standards;
  5. Creating and maintaining procedures for utilising the EDR and NDR tools;
  6. Taking part in regular red/blue team exercises.

 

  1. - 2.7.2  

The Incident Responder shall have the following qualifications:

 

  1. At least TWO (2) years of experience in hard disk drive, memory and network traffic acquisition and analysis;
  2. Relevant training on the proposed products, and has obtained professional certification such as GIAC Information Assurance Certified Incident Handler (GCIH) or equivalent;
  3. The necessary soft skills. The Incident Responder shall be continually assessed on his/her interpersonal skills and strong communication skills.