Manager, Cyber Threat Intelligence

Summary of the role The Cyber Threat Intelligence & Fusion Centre Manager is responsible to oversee Marina Bay Sand’s (MBS) Cyber Threat Intelligence and Cyber Fusion Centre program. This vertical is part of Marina Bay Sands’ Cyber Security Operations Centre (CSOC). The mission of MBS CSOC is to protect and defend MBS against cyber-attacks targeting the gaming, retail and hospitality sector. The candidate builds, leads and supervises daily cyber threat horizon scanning operation for MBS. For every applicable cyber threat, the candidate is expected to lead the operation to assess and coordinate dissemination, track follow up and defensive / mitigative measures, and to provide reporting as per MITRE Cyber Threat Informed Defence framework. When required, the candidate is also required to provide focused effort and analysis of potential cyber incidents. This position has a local supervisory role and works closely with the global CSOC team in other centers around the world. All duties are to be performed in accordance with the department and Marina Bay Sands’ policies, practices and procedures. Job Responsibilities Consistent and regular attendance is an essential function of this job. Ensure relevant external cyber threat information is detected, responded and / or escalated in a timely fashion. Ensure external cyber threat information tools / subscriptions are maintained, reviewed and effective in detecting external cyber threat information. Ensure process runbooks are reviewed and updated timely. Ensure metrics and trending are collected, reviewed and analyzed timely. Coordinate with other stakeholders to track and resolve findings, where required. Performs other related duties as assigned Job Requirements Education & Certification Degree or Diploma in Cybersecurity Professional cyber related membership and certification is required Experience 5-10 years of work experience in technical cyber threat intelligence operations, incident response investigation and / or malware analysis. Other Prerequisites Proven effective verbal and written communication skills Abilities Facilitate continuously updated intelligence, surveillance, and visualization input to common operational picture managers Identify intelligence gaps and shortfalls Monitor open source websites for hostile content directed towards organizational or partner interests Identify cyber threat tactics and methodologies Identify and characterize intrusion activities against a victim or target Determine effectiveness of intelligence collection operations Recommend adjustments to intelligence collection strategies Develop cyber operations indicators Coordinate all-source collection activities Validate all-source collection requirements and plans Prepare threat and target briefings Identify intelligence requirements Modify collection requirements Determine effectiveness of collection requirements Monitor changes to designated cyber operations warning problem sets Report on adversarial activities that fulfill priority information requirements Prepare cyber operations intelligence reports Prepare indications and warnings intelligence reports Assess effectiveness of intelligence production Assess effectiveness of intelligence reporting Provide intelligence analysis and support Notify appropriate personnel of imminent hostile intentions or activities Determine if intelligence requirements and collection plans are accurate and up-to-date Knowledge Intelligence collection capabilities and applications Intelligence requirements tasking systems and software Intelligence information repositories Threat intelligence principles and practices Operations security (OPSEC) principles and practices Target development principles and practices Target research tools and techniques Priority intelligence requirements Intelligence fusion Adversarial tactics principles and practices Adversarial tactics tools and techniques Threat vector characteristics Cyber attack stages Cyber intrusion activity phases Malware analysis tools and techniques Malware analysis principles and practices Cyber-attack tools and techniques Denial and deception tools and techniques Skillset Conducting non-attributable research Creating target intelligence products Conducting deep web research Performing target analysis Identifying intelligence gaps Conducting open-source searches Converting intelligence requirements into intelligence production tasks Developing collection strategies Work Environment Thrive in a fast-paced, dynamic and global working environment. Adapt and adjust to priorities quickly as circumstances dictate while completing tasks within established time frames Establish and maintain cooperative working relationships with fellow Team Members, management, outside contacts, guests and the public. Meet the basic physical requirements of an office environment including moving freely and frequently about an office, accessing computers and related technologies using peripheral equipment and operating other office equipment. Maintain composure under pressure and consistently meet deadlines with internal and external stakeholders. #J-18808-Ljbffr