about the job.
- Responsible for managing Global Security Operations Center (SOC), including daily operations, operations processes, operations quality, and team resources.
- Responsible for operating the detection and response tooling, including change requests and effectiveness improvements.
- Responsible for vulnerability management, including but not limited to the vulnerability lifecycle from finding and scanning through tracking to closure.
- Negotiate terms and conditions with vendors to ensure optimum price and high-quality products; review and revise SOWs.
- Coordinate and liaise with global, regional, and local IT teams.
- Responsible for incident investigation and forensic analysis.
- Coordinate with other information security functions and business functions on cross-functional tasks.
- Other information security operations tasks assigned by the CISO or the business.
skills and experience required.
- Proven leadership of a lean team.
- Proven solid technical skills in global security operations and SOC management.
- Proven hands-on technical skills with security products/tools for threat intelligence, threat hunting, detection, response, and vulnerability management, including but not limited to XDR, Zero Trust, SIEM and SOAR.
- Proven management skills in incident management, vulnerability management, Identity & Access Management (IAM) or Mobile Device Management (MDM).
- Knowledge of incident investigation and forensic analysis.
- Knowledge of and experience with the NIST Cybersecurity Framework (CSF).
- Knowledge of and experience with MITRE ATT&CK and the Cyber Kill Chain.
- Knowledge of common cyber attacks and countermeasures.
- Scripting and/or programming ability is a plus.
- Ability to work independently with or without direction and/or supervision.
- Ability to prioritize and multitask in a complex environment.
- Ability to influence and communicate effectively with both technical and non-technical audiences, including senior business executives and managers.
- Technical ability of hands-on work when needed.