Senior/Lead Cybersecurity Specialist

Mandai Wildlife Group is the steward of Mandai Wildlife Reserve, a unique wildlife and nature destination in Singapore that is home to world-renown wildlife parks which connect visitors to the fascinating world of wildlife. The Group is driving an exciting rejuvenation plan at Mandai Wildlife Reserve, adjacent to Singapore's Central Catchment Nature Reserve, that will integrate five wildlife parks with distinctive nature-based experiences, green public spaces and an eco-friendly resort.

Job Duties and Responsibilities:

We are looking for a skilled Senior/Lead Cybersecurity Specialist with 6-8 years of experience in managing endpoint detection and response (EDR), vulnerability management, security monitoring and analysis, and incident response. The successful candidate will be responsible for safeguarding our information systems by identifying and mitigating potential threats, responding to security incidents, and ensuring the continuous improvement of our security infrastructure. The ideal candidate will have a good background in information security, familiarity with various attack vectors, and the ability to stay updated with the latest security trends and technologies. Excellent problem-solving skills and a proactive approach to security are essential for this role.

Endpoint Detection and Response (EDR)

• Lead the configuration, optimization, and maintenance of EDR solutions
• Develop and implement custom detection rules and optimize response workflows to enhance threat detection capabilities.
• Conduct regular monitoring and analysis of EDR alerts to identify potential security breaches.
• Implement new capabilities to enhance EDR solutions in the ever-expanding information systems landscape of Mandai.
• Continuously assess and improve EDR strategies to adapt to emerging threats.
• Good understanding of threat actors and the multiple entry points commonly targeted in cyber intrusions.

Vulnerability Management

• Conduct simulated attacks on our systems using industry-standard tools such as  Nessus, Metasploit and Cobalt Strike to identify and exploit vulnerabilities.
• Perform regular vulnerability assessments and scans across the organization's network and systems.
• Oversee regular vulnerability assessments and penetration tests using security tools
• Identify, classify, and prioritize vulnerabilities based on risk and impact.
• Collaborate with IT and development teams to remediate identified vulnerabilities and ensure timely resolution.
• Track and report on the status of vulnerabilities and remediation efforts.

Incident Response

• Lead the response to security incidents, including identification, containment, eradication, and recovery.
• Conduct root cause analysis and post-incident reviews to prevent recurrence and improve incident response processes.
• Develop and maintain incident response plans and playbooks.

Security Monitoring and Analysis

• Monitor and manage Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms, along with other security tools, to identify, investigate, and respond to suspicious activities and security incidents.
• Analyze security logs and alerts to identify potential threats and anomalies.
• Manage PAM, Cloud and Phishing solutions owned by CyberSecurity Team.
• Develop and implement use cases and detection rules to enhance security monitoring capabilities.

Security Awareness and Training

• Conduct security awareness training sessions for employees to promote best practices and security hygiene.
• Develop and distribute security awareness materials and communications.

Documentation and Reporting

• Maintain accurate and up-to-date documentation of security policies, procedures, and incidents.
• Prepare regular reports on security metrics, incidents, and compliance status for management.
• Develop and contribute cybersecurity updates and strategic materials for management meetings, reporting, including drafting communications and accurately documenting meeting minutes and action items.
• Understand security requirements and provide support for CyberSecurity work packages in tenders, rfqs and projects

Jon Requirements:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 6-8 years of experience in cyber security, with a focus on EDR, vulnerability management, and incident response.
• Experience with security tools and technologies such as host endpoint security (EDR), privilege access management (PAM), cloud security (WAF), web proxy, security event and incident management tool (SIEM), threat intelligence and security operations including troubleshooting techniques and the use of diagnostic tools.
• Experience with CrowdStrike Falcon and NGSIEM are a plus.
• Proficiency in analyzing security logs and alerts using SIEM tools
• Strong analytical and problem-solving skills.
• Excellent communication, Team player and interpersonal skills.
• Relevant certifications (e.g., CISSP, CISM, GCIH, GIAC, CrowdStrike) are a plus.
• Strong knowledge of cyber security principles, practices, and frameworks (e.g., NIST, ISO are a plus.