Incident Response Lead

Ninja Van is a late-stage logtech startup that is disrupting a massive industry with innovation and cutting edge technology. Launched 2014 in Singapore, we have grown rapidly to become one of Southeast Asia's largest and fastest-growing express logistics companies. Since our inception, we’ve delivered to 100 million different customers across the region with added predictability, flexibility and convenience. Join us in our mission to connect shippers and shoppers across Southeast Asia to a world of new possibilities. 
More about us: - We process 250 million API requests and 3TB of data every day.- We deliver more than 1.5 million parcels every day.- 100% network coverage with 1000+ hubs and stations in 6 SEA markets (Singapore, Malaysia, Indonesia, Thailand, Vietnam and Philippines), reaching 500 million consumers.- 600,000 active shippers in all e-commerce segments, from the largest marketplaces to the individual social commerce sellers.- Raised more than US$500 million over five rounds.
We are looking for world-class talent to join our crack team of engineers, product managers and designers. We want people who are passionate about creating software that makes a difference to the world. We like people who are brimming with ideas and who take initiative rather than wait to be told what to do. We prize team-first mentality, personal responsibility and tenacity to solve hard problems and meet deadlines. As part of a small and lean team, you will have a very direct impact on the success of the company. 
You will be responsible for defining how we set up our information security response capabilities. You need to have experience as an InfoSec Incident Responder and keen to put your experience in building an IR capability.

Responsibilities

• Lead Information Security Incident Management, investigation and resolution for Ninja Van
• Enhance the Information Security Incident Management processes and SOPs, performed by internal teams and vendors.
• Identify and drive continuous improvement in InfoSec Security Monitoring and Incident Response
• Define InfoSec Incident Response processes and SOPs
• Build knowledge and coach Business Units Information Security leads, to understand their role in Cyber Incident Management.
• Manage and coordinate potential incidents escalations, for investigation, along with any required internal or external stakeholders
• Develop, document and maintain SOPs and knowledge base for cyber security services including incident response, intelligence analysis, evidence acquisition, forensics recovery, and others
• Leverage existing tools to Perform InfoSec monitoring. Provide recommendations and conduct tools selection for InfoSec monitoring and response.
• Manage external InfoSec monitoring vendors and enhance their monitoring, triage investigation processes capabilities prior to escalation
• Define Use Cases for security monitoring and work with Info Security and Engineering teams to get them implemented.

Requirements

• Minimum 6 years working experience in Cyber Security Incident Management
• Degree from Information Technology or equivalent discipline
• Desirable Certifications on: ECCouncil Computer Hacking Forensics Investigator (CHFI), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering
• Malware (GREM), GIAC Certified Forensic Analyst (GCFA)
• Regional experience in this role is preferred
• Excellent knowledge of Advanced Persistent Threats, attack tools, techniques, and methods used by adversaries
• Excellent knowledge of penetration testing services and techniques.
• Excellent written and verbal communication skills and ability to perform working under pressure (IT Security Incidents)
• Experienced in multicultural and regional teams management and coordination
• Ability to define, prioritize and execute process in a structured manner
• Experience in an operational capacity as part of IT Security incident response function
• Experience with networking and TCP/IP traffic, along with firewall, SIEM, IPS, EPP, EDR, APT, DLP, proxy, antivirus, anti-spam and spyware solutions.
• Experience conducting log and activity review, along with stream or packet capture, in support of intrusion analysis.

Submit a job application
By applying to the job, you acknowledge that you have read, understood and agreed to our Privacy Policy Notice (the “Notice”) and consent to the collection, use and/or disclosure of your personal data by Ninja Logistics Pte Ltd (the “Company”) for the purposes set out in the Notice. In the event that your job application or personal data was received from any third party pursuant to the purposes set out in the Notice, you warrant that such third party has been duly authorised by you to disclose your personal data to us for the purposes set out in the the Notice.