About the job
Job Description
FCM is looking for a dynamic and focused team lead to manage the security operations and deliver outcomes that improve the security posture and maturity in the ASIA region. The Team Lead, Information Security Operations (ASIA) will have a strong understanding of security operations and its delivery in a complex operational environment, which includes a good working knowledge of privacy principles and the regulatory environment affecting the regional business.
Reporting to the Global Head of Information Security, this role will have a solid understanding of the business drivers affecting security within the company and provide relevant expertise, guidance, and support for security operations within the region. This includes, but is not limited to, the implementation, operation, and maintenance of information security controls, processes and procedures, aligned to policy and security outcomes.
The ideal candidate must be able to lead a small team and have proven hands-on technical experience in operating technical security controls and platforms, in addition to developing and improving processes and procedures for managing cyber hygiene activities.
In addition to managing the security operations team and acting as an advisor to the regional business, on a day-to-day basis you will be responsible for, and directly involved in, security incident response, threat intelligence and participating in ongoing audit or compliance activities.
This position requires a track record of competency in the field of operational and technical information security with at least seven years of relevant experience, including at least 2 years in a team lead role managing a security operations team.
Key Responsibilities & Essential Duties
- Security Risk Management
- Work collaboratively with the Global Head of Information Security, the Group Chief Information Security Officer (CISO) and Risk leadership to identify operational security risk exposure and manage the necessary mitigation within risk appetite.
- Review and evaluate new security technologies and practices for introduction into the organisation to reduce information security risk.
- Implement a systematic and structured process for the identification and management of security operational risks
- Security Management
- Work with architecture and delivery teams to ensure projects and applications are designed and implemented in line with security operations capability, hardening standards, and best practice.
- Monitor new threats as they evolve and adjust risk management plans and security controls as necessary.
- Assess security plans for existing vulnerabilities, prioritise security strategies to best cover strategically important data, analyse reports generated by the Next-Gen SOC SIEM and run testing to uncover/anticipate future issues.
- Develop processes and procedures to deliver information security controls and service items that align to improvement initiatives and security priorities in lifting the security posture and maturity regionally.
- In collaboration with other stakeholders, work towards the improvement of Security Controls, Operational processes, and procedures within the region.
- Assess the security of 3rd parties with whom FCTG has a requirement to share information or business processes.
- Liaise with business and project stakeholders as required to provide security operations guidance and input.
- Liaise and work with the privacy teams on any legislative and other frameworks and requirements that the businesses would need to comply with.
- Manage the security operations team including hiring, training, staff development, and performance management.
- Build and nurture external networks consisting of industry and peers, partners, vendors and other relevant parties to address common operational trends, findings, incidents, and cybersecurity risks.
- Monitor day to day operations related to systems, execution of projects, threat intelligence, and incident response.
- Incident Response
- Lead, manage and resolve security incidents and escalations in a timely manner. Ensure security learnings are recorded, and improvement strategies are tracked and delivered.
- Understand and interact with key stakeholders to ensure the consistent application of policies and standards across all technology projects, systems and services including privacy, risk, audit and compliance and business continuity management.
Role Requirements
- 7+ years of experience in information security or technical operations role.
- 2+ years in a team lead role of a security operations team.
- Ability to analyze and simplify complex problems, evaluate them systematically, identify causal relationships and construct frameworks for problem solving.
- Ability to analyze technical and procedural issues and take appropriate action to resolve quickly and accurately.
- In-depth experience in managing and running Incident Response activities.
- Experience with managing and designing procedures for running security operations activities to detect, analyse and respond to events, incidents, and alerts across security tools providing logs from IPS/IDS, Anti-DDoS, SIEM, Data Leakage Prevention, Proxy, Automation & Orchestration, Anti-Virus, CASB and Firewall.
- Experience in security controls and toolsets applicable to secure infrastructure on major Cloud platforms and have knowledge of cloud security best practices and industry security requirements.
- Experience in managing a mix of technical teams of varying skills maturity.
- Demonstrated highly developed oral and written communication skills, with the ability to communicate comfortably with large groups and executives, and to articulate security operations vision and solutions to non-technical stakeholders.
- Ability to manage and prioritise your own workload and that of the team to deliver security outcomes on a day-to-day basis.
- Strong experience in working within a security operations environment and prior hands-on experience in managing security analysts and security engineers individually and/or as part of a Security Operations Centre.
- Sound operational knowledge and experience with using security technologies and controls which include Firewalls, SIEM, EDR, Proxy, WAF, Identity & Access Management, Vulnerability Management, penetration testing, IDS/IDP and PKI to name a few.
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences at various levels, ranging from board members to technical experts.
- Up-to-date knowledge of information security risk management and cybersecurity technologies, methodologies, and trends in both business and IT
- Proven track record and experience in successfully executing programs that meet the objectives of excellence in a dynamic business environment.
- Strong analytical and problem-solving skills with a proven ability to make decisions and lead through high-pressure, high-stress situations.
- Knowledge and understanding of the relevant legal and regulatory requirements for the Financial Industry
REQUIRED CERTIFICATIONS:
- Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or other similar credentials.
- Technical security certifications that are relevant to the role – Microsoft, AWS, Azure etc.