Cyber Security Associate Principal

Singapore, Singapore

Job Description


Summary

Salary: Competitive

Team: Information Technology

Location: Singapore - Technology Centre

Our Cyber Security team

It's no secret that our intellectual property is critical to our success. To secure our ideas and designs, our customer and employee personal data, and to protect operations from cyber-crime, Dyson's global Cyber Security and IT Risk group works effectively to keep our secrets secret and secure our crown jewels, using advanced technologies to stay one step ahead of the game.

We have a continuous focus on transforming and managing all aspects of security - including architecture, engineering, technology risk management, cyber operations, end user security and project delivery. We invest heavily in new security capabilities (technology, processes, and people) and leverage our strong cyber ecosystems to tackle future threats.

Product Design, Manufacturing, Supply Chain, eCommerce and Enterprise IT Systems are at the beating heart of Dyson's cyber defence priorities. We play a key role in ensuring the successful design and delivery of exciting new business and security projects, and that our controls and security platforms remain effective and compliant. Furthermore, our cyber operations capabilities are delivered on a global 24x7 basis from our strategic locations across the US, UK / Europe, India, Singapore and China.

The Cyber Defence Operations team plays a key role in our cyber team and is responsible for the detection of and response to cyber threats. This job description relates to the Associate Principal of Cyber Defence Operations, which is a critical position in this function.

About the role

The major focus of this role is to continue the evolution of the Cyber Defence Operations team across our core functions: Security Operations, Threat Detection Engineering, SOAR, Threat Hunting & DFIR.

As a subject matter expert, you will develop technical solutions and mature processes and procedures to allow for change and growth. In addition, you will coach, mentor, motivate and technically develop the current team of professionals and partners. You will build strong relationships with operational teams to support legacy processes, as well as identify new opportunities to build world-class countermeasures.

Working with senior leadership, you will be expected to run and own various pipelines across a multitude of programs and projects to mature our Cyber Defence functions. Your mission is to ensure the effective monitoring and triage of security events, and that mastery of the technologies and information we analyse is at a high level. You will maintain expert-level knowledge of detection tools and techniques and provide the team with the technical capabilities required for incident response, containment, and recovery.

Key Responsibilities:

Ensure security detection, protection, response, and recovery technologies, capabilities and procedures are up to date with the latest cyber trends.

Ensure proper integration and handover of new security services within the monitoring and detection capability of Cyber Defence Operations.

Develop and maintain Cyber Defence Operations related capabilities to ensure all necessary information and security data is continuously being collected, correlated, and analysed to detect potential external and internal threats to the organization.

Ensure our processes, playbooks and procedures are adhered to and enable continuous improvement across our core cyber defence domains.

Implement cyber resilience frameworks, technologies, detection mechanisms and technical process documentation for Cyber Defence Operations, ensuring cyber threats, risks and vulnerabilities are addressed effectively and efficiently.

Provide expert technical analysis support for escalations from L1-L3 triage. Take the lead on cyber investigations and support Cyber Defence leadership in the major incident management process to ensure effective containment and recovery of cyber incidents.

Mentor junior members of the team and support the development of the next generation of cyber defenders through our graduate program.

About you

We seek applications from highly self-motivated individuals with a positive mindset and can-do attitude who are strong believers in “Security as an enabler” to support business growth. The applicant should have 7+ years of experience with an exceptional track record of building and operating within Cyber Defence Operations, encompassing a range of responsibilities including acting as technical SME for incident escalations from L1-L3 analysts and developing in-house solutions using the Cyber Defence Operations toolsets to ensure effective operation of intrusion detection and incident response.

You will be a critical thinker who sees beyond face value. You will have a passion for finding elegant solutions to complex problems, knowledge of advanced threat vectors and incident response principles, networking services and protocols, and an understanding of common SOC technologies (IDS, SOAR, SIEM, EDR, TIP etc.).

Alongside this, you'll bring expert knowledge across a collection of the following:

A proven background in two or more of the following domains: Security Operations, Threat Hunting, SOAR, Detection Engineering, Digital Forensics.

Advanced application of frameworks such as MITRE ATT&CK, RE&CT, D3FEND, Mandiant Attack Lifecycle, Cyber Kill Chain. Mapping such frameworks to detection mechanisms, incident categorisations and reporting methods.

Strong working knowledge of programming and query languages to develop bespoke tools, threat detection, threat hunting and SOAR capabilities.

Expert knowledge and hands-on implementation experience specific to Network & Infrastructure Security, Endpoint Security, Application Security, Cloud & Mobility Security (IaaS, PaaS, SaaS, CDN), Data/Database Security, etc.

Strong understanding of IT Security Controls (FW/IPS/IDS, NGAV/EDR/MDR, Identity Access Management, User Behaviour Analytics, Data Loss Prevention, SIEM etc.).

Practical knowledge of industry standard frameworks (ISO 2700x, NIST, ITIL, etc.), best practices (CIS, SANS, OWASP, CSA) and regulations (PCI DSS, GDPR, China CSL etc.).

Expert knowledge of security tools, techniques, and best practice within enterprise environments.

Expert knowledge of current industry security threats, challenges, and mitigation techniques.

Ability to translate and distil complex technical information across all levels of the organization as required for the audience.

Dyson is an equal opportunity employer. We know that great minds don't think alike, and it takes all kinds of minds to make our technology so unique. We welcome applications from all backgrounds and employment decisions are made without regard to race, colour, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or any other dimension of diversity.

Posted: 03 July 2023

Dyson



Job Detail

  • Job Id
    JD1346999
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Singapore, Singapore
  • Education
    Not mentioned