Senior Manager / Manager (Group Cyber Security)

Job Type:?Full Time

• The role evaluates and advises executive, business, and IT management on technology governance, development and adoption plans to ensure the technology pillar adapts to the evolving business needs and risks for the PSA Group.
• Required to monitor threat intel, perform threat analysis, disseminate advisories and manage the monitoring of security and threat posture. Must also be able to function as a Group Cybersecurity Incident Response Officer (GCIRO) to manage incidents across the entire group.
• This role is also responsible for effective cybersecurity technology governance and management within PSAI to meet the organisation’s security objectives, and conformance to the mission of PSA Group. It goes beyond a consultancy and advisory role.
• The person who fills this role must provide technology leadership and be able to work effectively with and through others and be ready and willing to roll up their sleeves to produce the deliverables and outcome as part of a wider team.
• Must also be able to manage cybersecurity projects and support the project management office in providing oversight over the projects under the PSA Cybersecurity Masterplan.

Roles and Responsibilities

• Cybersecurity Incident Management
• Develop and implement cyber incident response strategy
• Develop approaches to combat cyber threats and mitigate risks to information systems assets
• Develop guidelines to perform incident response strategies and policies
• Implement processes and guidelines to perform incident response protocols, analyse data, and create incident reports
• Implement mechanisms to improve cyber security measures and incident response times
• Oversee the planning and conduct of cyber security exercises
• Manage cyber security incidents
• Handle responses to cyber security incidents
• Lead the recovery of contained cyber security incidents, following established processes and policies
• Utilise appropriate cyber incident management techniques to resolve challenges
• Cyber Security Incident Advisory and Training Oversight
• Act as a subject matter expert in cyber security incident and breach investigations and post-breach remediation work
• Propose procedures to prevent future incidents and improve cyber security
• Monitor the maintenance of the cyber security incident response training plans for security staff
• Threat Analysis and Management
• Oversee cyber threat analysis
• Collect, analyse and store cyber threat intelligence information
• Analyse past cyber-attacks to draw insights and implications on the organization
• Scrutinise vulnerabilities within systems that may pose cyber security risks
• Recommend ways to enhance the resilience and security of IT systems
• Propose mitigation techniques and countermeasures to ensure risk from cyber threats are reduced to an appropriate level
• Evaluate and provide feedback to improve intelligence production, intelligence reporting, collection requirements, and operations
• Conduct in-depth analysis of existing threats and identify existing gaps in the current cyber security set-up
• Proactive research and monitoring of threats and attacks
• Run continuous checks and monitor threats that may exist in the dark web and external web-based applications
• Conduct research on new and existing threats that may impact existing IT systems
• Identify potential attacker groups or individuals and take preventive measures
• Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives related to designated cyber operations warning problem sets
• Present threat awareness reports to technical and non-technical staff
• Oversee the development of internal threat awareness reports
• Classifying threats and simulating attacks on systems
• Identify potential threats that may affect applications and systems using the knowledge of the application and system vulnerabilities
• Run test attacks and simulations on the systems to identify the possibilities of threats and extent of damage it could cause
• Prioritise and rate identified threats based on its severity
• Provide timely notice of imminent or hostile intentions or activities which may impact organisation objectives, resources, or capabilities
• Use existing database of threats and attack histories to pre-empt and classify potential new threats
• Implement threat mitigation strategies and protocols
• Provide guidance on threat mitigation strategies and potential threats and cyber-attacks to ensure current cyber security standards and set-up are updated
• Analyse intelligence and support designated exercises, planning activities, and time-sensitive operations
• Provide evaluation and feedback to improve intelligence production, reporting, collection requirements and operations
• Technology Governance and Management
• Develop technology-driven programmes and initiatives to strengthen the capability of the organisation to mitigate risks
• Responsible for proper enforcement of security practices within the organization especially across Identify, Detect and Respond pillars
• Collect, analyze and comment on IT security metrics and incidents relating to these pillars
• Lead the research and evaluation of emerging technology, industry and market trends to assist in project development
• Oversee the translation of the security architecture to solutions
• Assess, test and select new security products and technologies
• Ensure adequate security solutions are in place
• Align architecture governance with security governance
• Act as a security expert in application development, database design and network efforts
• Evaluate security solutions based on approved security architectures
• Explores new security technologies and architectures
• Promote global PSA IT security culture through knowledge sharing, coaching of IT personnel and project teams as necessary
• Coordinate and lead Cybersecurity Practice Forums to foster sharing and cross pollinations of ideas and experiences to elevate the competencies among BU IT Security Officers
• Manage architecture assessments
• Advise the development of techniques and procedures for the conduct of architecture assessments
• Incorporate emerging security and risk management trends, issues, and alerts into architecture assessment framework
• Develop architecture risk mitigation strategies and policies for the organization
• Analyse and develop security architectural requirements
• Analyse the current architecture to identify weaknesses and develop opportunities for improvement
• Identify and propose variances to the architecture to accommodate project needs
• Manage cybersecurity projects
• Assist in managing the Cybersecurity Masterplan Project Management Office (PMO)
• Manage projects by utilizing project management framework, templates, tools and systems to deliver on cost, time and quality metrics.
• Set expectations for periodic milestone reviews including status reports,
• program risk identification and other dashboards
• Develop, monitor, and maintain projectrisk register, strategic goals and objectives, to business value, and escalated from portfolio components, using risk management processes
• Resolve escalated issues to ensure deliverables meet with project objectives
• Manage and escalate issues by communicating recommended actions to decision makers for timely approval and implementation of proposed solution(s)

Requirements

• Education and Professional Qualifications
• Degree in IT, Computer Science or related discipline, with a CISM and/or CISSP certification and technical certifications including GCIH and/or GCIA
• Tertiary qualification supported by strong track record in cybersecurity domain will also be considered.
• Preferably holds a PMP and TOGAF/SABSA certification.
• Good to Have Experience
• Minimum 3 years of relevant work experience in the areas of IT Security operation management.
• Good understanding and working knowledge of network security
• Experience configuring and supporting relevant security technology and tools (e.g. firewalls, anti-virus software, patch management systems, etc.)
• Experience in cyber security incident response (CSIRT) planning and operation.
• Excellent knowledge of security protocols and procedures. Strong understanding and practical knowledge in security standards e.g. NIST, CSA-CCM would be an added advantage
• Personal Characteristics & Behaviours
• Good communication skills – both written and verbal; Active Listening skills – seek first to understand, then to be understood.
• Strong analytical and problem-solving abilities to identify and fix security risks. Ability to evaluate issues and alternatives, willingness to make decisions and take responsibility for the outcome.
• Able to work effectively at all levels in an organization. You are expected to interface with peers in the other departments as well as with the leaders of the business units to share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.
• Must be contactable and responsive on a round-the-clock basis and be activated after office hours where the situation warrants.
• Take a keen interest in the development of IT security threat landscape and keep abreast of the mitigating technology & services available in the market.
• Willing to travel when required