Assistant Lead, Cyber Defence

COMPANY DESCRIPTION

Mediacorp is Singapore's largest content creator and national media network, operating a suite of TV channels, radio stations, and multiple digital platforms. Its mission is to engage, entertain, and enrich audiences by harnessing the power of creativity.

We are committed to creating an inclusive and diverse workplace where talent thrives. Our hiring decisions are made based on merit and fit-to-role. If you have a disability or special need which requires accommodation to participate in the recruitment process, please inform us when you submit your online application. We will be happy to support as necessary.

Thank you for your interest and application to this role. Please note that only short-listed candidates will be contacted.

DESIGNATION : Assistant Lead, Cyber Defence & Resilience

RESPONSIBILITIES

Step into a high-impact leadership role at the frontline of cybersecurity. As the Assistant Lead for Cyber Defence & Resilience, you will be the operational heartbeat of our Security Operations Centre (SOC), safeguarding the digital and broadcast services that connect millions. You'll not only run and optimize 24/7 cyber defence operations but also shape the next evolution of our resilience capabilities. Working together with the Lead, you will drive transformation while inspiring and mentoring the team defending our critical infrastructure. You will also lead the integration and operationalization of threat intelligence (TI) to enhance situational awareness, decision-making, and defence posture.

Scope of the role

As the SOC Manager and right hand to the Lead for Cyber Defence & Resilience, you'll lead a mission-driven team of analysts and engineers to detect, respond to, and outsmart evolving cyber threats. You will be at the core of cyber incident handling, threat hunting enhancements, and process modernization - delivering measurable impact across broadcast, digital, and corporate environments. Your leadership will help build a stronger, faster, and smarter cyber defence capability.

Responsibilities

Security Operations Centre (SOC) Management

• Drive the real-time operational execution of SOC activities, ensuring threats are detected and addressed with precision and urgency
• Continuously refine detection strategies and use cases to stay ahead of adversaries
• Maintain a high standard of operational discipline, resilience, and readiness in the SOC

Cyber Defence Transformation Support

• Champion key initiatives in cyber defence modernization - implementing smarter automation, scaling detection engineering, and integrating advanced intelligence
• Serve as a tactical change agent, helping shape next-gen defence capabilities alongside the Lead
• Identify opportunities to elevate coverage and response maturity in a fast-paced hybrid environment

Incident Response, Threat Intelligence & Threat Handling

• Orchestrate end-to-end incident management, from detection to recovery, minimizing impact while learning and improving with every event
• Operationalize threat intelligence by embedding actionable IOCs, TTPs, and contextual threat insights into detection and response processes
• Lead threat actor profiling and coordinate with external CTI providers and information-sharing communities (e.g., FS-ISAC, SingCERT)
• Act as the tactical incident commander and technical SME during high-severity incidents
• Strengthen resilience through playbooks, simulations, and post-incident reviews

Leadership, Coaching & Development

• Inspire and mentor a high-performing team; build a culture of curiosity, accountability, and growth
• Provide structured coaching and hands-on guidance to analysts at every level
• Shape the next generation of cyber defenders through continuous skills development and knowledge sharing

Collaboration & Reporting

• Be the bridge between operations and leadership - ensuring clear escalation and reporting
• Track metrics and KRIs for mean time to detect (MTTD), respond (MTTR), and recover (MTTRcv)
• Collaborate with stakeholders across Legal & Regulatory, Technology, HR, and Communications teams to contain incidents and close gaps
• Support regulatory, audit, and compliance readiness through transparent and accountable cyber defence reporting (e.g., IMDA Broadcast Cybersecurity Code, CSA CCoP, PDPA, etc)

Functional/Leadership Competencies

• Strong analytical, problem-solving and critical thinking skills
• Effective communication and interpersonal skills
• Demonstrated experience in team management and leadership
• Team player who is self-driven and capable to work independently
• Excellent cross-functional and interpersonal skills, with the ability to communicate with technical and non-technical teams
• Willingness to work an on-call rotation and when needs arises

Functional Competencies

• Expert-level knowledge of modern SOC practices, detection pipelines, and cyber incident response. Strong understanding of how threat intelligence enhances detection, hunting, and defence decision-making
• Hands-on experience with SIEM, SOAR, EDR/XDR, and CTI platforms; ability to craft and fine-tune detection logic
• Familiarity with adversarial frameworks (e.g., MITRE ATT&CK) and live cyber threats; relevant experience with broadcast and digital platforms a plus
• Working knowledge of regulatory requirements (e.g., IMDA, PDPA, CSA CCoP) and cybersecurity frameworks (e.g., NIST, ISO 27035)
• Advanced understanding of various operating systems, networking and web technologies with professional security certifications would be a plus

QUALIFICATIONS

• Bachelor's Degree in Cybersecurity, Computer Science, Information Technology, or a related field
• Minimum 6 to 8 years of cybersecurity experience, including at least 3 to 4 years in SOC operations and incident response roles. Prior experience leading or managing SOC teams or response functions or integrating and leveraging threat intelligence in security operations is preferred
• Relevant certifications such as CISSP, CISM, CTIA, GCIH, or GCIA
• Proven experience defending against advanced persistent threats (APTs), preferably in media, or critical infrastructure, or digital content sectors
• Demonstrated experience in investigating major Cyber incidents and malware analysis/reverse engineering
• Familiarity with media and broadcasting technologies (e.g., playout systems, digital publishing platforms) is an advantage