Currently looking for a motivated and experienced tech expert to take up the Senior Manager, Threat Management position. This position is responsible to lead the threat management for the group within the organization's operating regions, including Greater China and Southeast Asia. This role also partners with and manages various vendors to provide first-class threat management services.
- Manage key stakeholders, including the IT heads in various regions and local teams, to influence and align expectation
- Act as direct point-of-contact with our internal customers. Ensure that they are kept up to date on the latest status for their issues. Resolve any questions they may have, then correctly and efficiently escalate if needed
- Provide oversight and management of the daily threat management including vulnerability management, threat Intelligent management and incident response management
- Lead and manage proactively monitoring systems for malicious activity and intrusions using real time data and alerting from various data sources measured against agreed SLAs
- Partner with and manage the service level and performance of the 3^rd party vendors to deliver vulnerability testing
- Define policies, guidelines and implement the processes in collaboration with our stakeholders
- Define threat management reporting metrics with Director, Information Security and Risk Management and to provide regular reports for management review
The Successful Applicant
- Bachelor's degree in computer science, engineering, or related disciplines.
- Related qualifications and/or industry certifications such as GPEN, GXPN, OSCP, OSCE, OSEE. GWAPT, OSWE, CREST and CCT are preferred.
- Knowledge in security standards reference such as OWASP, SANS, NIST is highly preferred.
- 8 - 10 years of experience in IT, with minimum of 3 years in depth exposure in Threat management, and vulnerabilities management.
- Strong technical or security skills related to vulnerabilities management covering a broad range of operating systems, databases and OT / IoT vulnerabilities and experience in security review and testing.
- Experience of manual attack and penetration testing above and beyond the running of automated tools.
- Knowledge in mobile application/multi-cloud vulnerabilities and experience in mobile application/cloud security review and testing.
- Fluent English, Cantonese & Mandarin with China exposure would be an advantage
- Occasional travel