Senior Assistant Director, Cyber Security

NTU’s Centre for IT Services (CITS) manages the campus-wide IT Infrastructure, providing access to all Enterprise IT systems, Learning platforms and Digital Media services. Within CITS, the Cyber Security is responsible for the governance, risk and compliance, as well as security architecture, consultancy, monitoring, incident response, threat intelligence, and digital forensic investigations.

Key Responsibilities:
Cyber Security Operations:
- Lead and oversee the monitoring and maintenance of security operations.- Advise on security technologies and introduce innovative concepts and to strengthen the organization’s security capabilities.- Continuously review and improve the efficiency of existing security operations programs.- Develop policies, standards, and procedures to ensure the effectiveness of security operations programs.- Ensure the development of contingency plans and disaster recovery procedures for the systems managed under the security operations program.

Cyber Security Incident Management:
- Manage and direct team members to conduct cyber security incidents investigations, covering detection, triage, analysis, response and recovery.- Provide training and oversight for team members in digital forensic investigations.- Coordinate incident responses with external entities such as government agencies and CERTs.- Collaborate with stakeholders to implement remedial actions following security incidents.- Stay informed on emerging cyber threats and actor tactics from various intelligence sources.- Plan and execute cyber security tabletop exercises to enhance preparedness.- Plan and review the enhancement of system performance and direct the Computer Security Incident Response team in the development of new use cases to improve our cyber threat detection capabilities.- Oversee root cause analysis during system outages, ensuring timely troubleshooting and continuity of operations.- Identify gap in security processes and recommend tools, software or measures to strengthen the team capabilities and NTU’s overall security posture.

Cyber Security Engineering- Served as a recognized industry expert in cyber security domain in cyber defence.- Oversee the development and maintenance of NTU’s security architecture for Cyber Defence.- Translation of security architecture to solutions to improve Detection and Response capabilities.- Ensure the alignment of security governance with enterprise architecture governance.-
- Ensure compliance with cyber security policies and regulations.- Establish frameworks and determine relevant tools and techniques to guide the development of IT solutions.- Establish internal structures and processes to guide the exploration, integration and evaluation of new technologies.

Organization security improvement program:
- Lead multiple security projects to enhance NTU’s overall security posture.- Explore and implement new technologies to strengthen NTU’s security capabilities.

Requirements:
- Degree in Computer Science, Computer Engineering or a related field. Professional certifications such as CISSP, CISA, CISM or GIAC are advantageous.- At least 10 years of IT experience with 5 years in Security Engineering, Operations and/or Incident Response Management.- Experience leading Cyber Defence Operations or a Security Operations Centre (SOC) will be an advantage.- Proficient in cyber security incident detection and response practices and/or processes, including NIST Incident Handling Guidelines, Cyber Kill Chain, MITRE ATT&CK Framework.- Experience with cyber security tools such as Security Information & Event Management (SIEM), Endpoint Detection & Response, Threat Intelligence and Privileged Access Management solutions.-
- Strong managerial, interpersonal and organisational skills.- Ability to multi-task, work under pressure and deliver results in a timely manner.- A tenacious problem-solver with the ability to navigate ambiguity and foster open discussions to reach consensus.Hiring Institution: NTU