Security Operations, Consultant

At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone. As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives. To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone. If you believe in developing a better tomorrow, read on. About The Role To lead and manage the day-to-day operations of the Security Operations Center (SOC) team, ensuring the proactive identification, assessment, and mitigation of cyber threats across the organization. This encompasses overseeing security monitoring, incident response, threat intelligence analysis, and the continuous improvement of security posture. The Security Operations Manager is responsible for building and leading a high-performing team, driving strategic initiatives, and ensuring compliance with relevant security standards and regulations. Security Threat Monitoring, Prevention, and Incident Response Lead and manage the SOC team in real-time monitoring of security events and alerts from various sources (e.g., SIEM, firewalls, endpoint detection and response). Maintain an oversight of all the alerts from MASNET, Group SOC and provide support to incident response personnel to ensure all actions & deliverables are achieved within SLAs Manage end-to-end incident handling & management according to established response processes and become subject matter expertise where established processes require enhancement Implement and enhance incident response playbooks and procedures to ensure timely and effective handling of security incidents, including: 1) Triage and initial assessment of security events; 2) Deep dive investigation and root cause analysis; 3) Containment, eradication, and recovery activities; 4) Post-incident review and lessons learned documentation. Security Posture Management Maintain an oversight of related security posture baseline, in the area of cloud security, network security, endpoint security, and server security compliance. Additionally, this role is to lead and manage each SME in the related mentioned area of security domains. Ensure identified security vulnerabilities are remediated or mitigated, as per the vulnerability management processes. This is to ensure that overall organization security posture is managed properly according to the defined baselines. Continuously improve the organization's overall security posture through proactive security enhancements and automation. Lead discussion and remediation with relevant teams to resolve identified issues, as well as elaborating risk, severity, and mitigations. Working collaboratively with security governance and compliance team to to identify and address security gaps raised from both external and internal audit. Security Operations Metrics Provide an oversight and tracking of security operations metrics, including security baseline in the area of cloud security, network security, endpoint security, and server security compliance Lead various security operations reports development for the purpose of management attentions and highlight. Security Operations Initiatives Drive security initiatives & projects and becoming local point of contact with Group for security project facilitation Provide direction, guidance, and collaborate with each SME of cloud security, network security, endpoint security, and server security compliance, for various security operations initiatives Identity Access Management (IAM) Governance Manage end-to-end lifecycle of privilege ID, starting from it is created, vaulted, used, reviewed, and deleted. Lead the review of user access rights and privileges ID to identify and remediate any misconfigurations or unmanaged privileges ID. Oversee Identity and Access Management (IAM) policies and procedures into daily practice and operationalization. Lead IAM projects implementation / deployment / enhancement and liaise with Group Information Security. Requirements University degree in one of the following or related disciplines (Computer Science, Computer Engineering, Information Security, Information Systems)12 years of Tech experience with at least 7-10 years of experience in cyber security area in a regulated environment (e.g.