Job Description

Main Duties and Responsibilities:

1. Technology Risk Assessment for Regulatory Compliance

Conduct technology risk analysis, ensuring alignment with business and regional regulatory requirements. Maintain, document and update changes to policies, SOPs, artifacts, risk registers, etc. Perform assessments for third-party and regulatory adherence. Actively engage in certification, auditing, findings, assessment and compliance efforts.

2. Security Operations

Continuously watch network traffic, systems, and applications for suspicious activity, anomalies and potential security incidents Identify security flaws and weaknesses in the networks, systems and applications to prevent them from being exploited. Conduct detailed assessment & audit on all security controls, esp. email, endpoints, app., data, etc. Deploy, configure, and manage various security tools such as endpoint, IAM, PAM, xDR, SIEM, etc according to NIST, CISA and MITRE framework protocols. Threat detection, incident response, vulnerability management, security policy enforcement and continuous monitoring of security controls. Develop and execute plans to respond to security incidents, containing and mitigating them. Collaborate, and follow-up with other key technical team members and HODs.

3. Incident Response

Lead incident response lifecycle (detection, triage, containment, eradication, recovery). Handle security incidents tickets escalated by team, and draft security incident report covering the root cause, forensic evidence, and recommended mitigation plans Conduct and support forensic analysis of endpoints, logs, and network traffic to determine root cause and impact. Coordinate with internal stakeholders and external partners during critical incidents. Develop and maintain playbooks and incident reports.

Job Requirements: (e.g., educational/ professional qualifications)

Min. 3 - 5 years of experience in technology risk, blue team operations, and regulatory compliance. Diploma or Degree in IT, cybersecurity, or related field. Proficient in both English and Mandarin as you will need to work closely with Chinese counterparts. Expertise in technology risk, defensive strategies, endpoint security, IAM, PAM, and access control. Strong knowledge of security frameworks, layered defense, SIEM, endpoint & VPN security, DLP, etc. Familiarity with vulnerability management, and security configuration and automation. Digital Forensics and Incident Response (DFIR) experience enabling deeper investigations and root cause analysis is an added advantage. Ability to analyze security issues and recommend effective solutions. * Relevant certifications such as Comptia Security+, CISSP, or vendor/industry certifications is an added advantage.