关于职位
1.Manage Cybersecurity Operations and Vulnerability management.
2.Manage information security operations improvements.
3.Manage the security tools to cover and protect global users/services.
4.Manage vendors and cooperate with internal teams to drive the success of objective
...
5.Responsible for managing Global Security Operations Center (SOC), including daily operations, operations processes, operations quality, and team resources.
6.Responsible for detection and response related tools’ operations, change request and effectiveness improvement.
7.Responsible for Vulnerability management, including but not limited to Vulnerability lifecycle from Finding, Scanning, Track until closure.
8.Negotiate terms and conditions with vendors to ensure optimum price and high-quality products, review/revise SOW
9.Coordinate and liaise with global, regional, local IT team
10.Responsible for incident investigation and forensic analysis
11.Coordinate other information security functions and business functions on cross functional tasks
12.Other information security operations tasks assigned by CISO or business
技能和经验要求
1.Proven leadership for a lean team
2.Proven solid technical skills on global security operations, SOC management.
3.Proven hands-on and technical skills on Security Products/Tools for Threat Intelligence,Threat hunting, detection, response, and vulnerability, including but not limited to XDR,Zero Trust, SIEM and SOAR
4.Proven management skills on Incident management, Vulnerability Management, Identity & amp; Access Management (IAM) or Mobile Device Management (MDM)
5.Knowledge of incident investigation and forensic analysis
6.Knowledge of and experience with NIST Cybersecurity Framework (CSF);
7.Knowledge of and experience with MITRE ATT&CK and Cyber Kill Chain.
8.Knowledge of common cyber-attacks and counter measures.
9.Ability of scripting and/or programming is a plus.
10.Ability to work independently with or without direction and/or supervision.
11.Ability to prioritize and multitask in a complex environment.
12.Ability to influence and communicate effectively with both technical and non-technical
audiences, including senior business executives and managers.
13.Technical ability of hands-on work when needed.