Computer Security Incident Response Expert

  • 06 May
  • Singapore
  • Permanent contract (CDI)
CA CIB Singapour
Position
Computer Security Incident Response Team Expert (CSIRT Expert)

CSIRT Expert is a technical expert role within the Asia Information System Security (ISS) Team, Singapore, functionally aligned to the Group's ISS CSIRT team in Head Office, France.
The ASIA ISS team oversees and supervises Information System Security related matters in the region, including cybersecurity monitoring (SOC), incident response (CSIRT) and responding to each country's regulation proactively.
The ASIA ISS CSIRT oversees detection, control and reporting of cyber incidents when they occur and works closely with the IT Operations team to recover and restore the systems that are affected by a security incident.
In this role, the CSIRT Expert will be responsible for responding to and managing the end-to-end Security Incident Management Lifecycle: Incident Identification, Triage, Containment, Eradication, Recovery and Lessons Learnt.
The person will be the technical point of contact to respond to and drive security incident response in the region.
Job Responsibilities

The Expert has a wide spectrum of responsibilities and will be responsible for the following activities (but not limited to) in day-to-day work:
Identifying and detecting incidents and taking immediate action on security incidents including (and not limited to) DoS attacks, malware attacks, phishing attacks and web attacks

End-to-end ownership in driving and leading Security Incident Response and Resolution activities

Participate in and support forensic investigations as required to respond to security incidents

Responding to Security Threats and Intelligence alerts and notifications from Group CERT, Regional Regulators and authorized Threat Intelligence groups, and ensuring appropriate preventive and detective actions are coordinated and deployed in liaison with IT Operations teams as per the defined approach and in a timely manner

Owning end-to-end coordination, communications and deployment of action plans for Threat Advisories or lessons learnt from Security Incidents

Prepare a detailed incident post-mortem report and Executive Summary to document the Security Incident chronology, root cause, remediation and lessons learnt

Creating and updating the incident response plan (IRP) and playbooks, and ensuring periodic review of playbooks so that response actions remain relevant in the current context, including updated information on all stakeholders involved

Collaborate with other Geo's CSIRT team members on security matters and act as a backup to manage security incidents and other security activities in scope as needed

Periodic review of security measures of Networks (Switches, Routers, Firewall, IPS, etc.) and Systems (Win*, *NIX, etc.) in support of management of vulnerabilities

Support and integrate with incident response, threat intelligence, and overall security strategy as needed

Complete all mandatory trainings as required to attain and maintain competence


Work Schedule

  • Work Hours: 8.45 a.m. to 6.30 p.m. (Monday to Friday) with a one-hour lunch break.

  • The CSIRT team globally follows a "follow-the-sun" model and works on Critical incidents from other geographies during Asia business hours.

  • Additionally, the candidate may need to be involved in Crisis-level Critical Security Incidents observed outside of Singapore working hours on an exceptional basis.

Bachelor and above in relevant discipline