Senior Security Lead

Sopra Steria is a listed European tech leader specializes in Consulting, Digital Service, and Software. We have 50,000 employees worldwide located in different regions (Europe, North America and Asia), whereby Singapore is the HQ for APAC. EvaGroup Asia Pacific is part of Sopra Steria, in charge of Infrastructure, Cloud and Cybersecurity services in APAC.

We are looking for a Cybersecurity expert in Detection Engineering & Security Investigation areas, part of Production SOC & Security Investigation & Incident Response team.

Your role will be to:

• Act as reference point in team of experts on Security Incident Response activities, Anti-Malware/Defense activities and Security Detection activities,
• Oversee the detection capabilities for the 24/7 regional IT Production SOC which handles the IT Production security alerts for the APAC region,
• Contribute to the enhancement of SIEM and SOAR capabilities,
• Strengthen the detection capabilities in APAC and be member of the Global Use Case committee for a worldwide alignment of the security use cases.
• Participate to the global continuous improvement of the framework of tools and processes for Security Incident Management, Anti-Malware/Defense and Security Detection,
• Collaborate with the APAC Business CSIRT, accountable for the Security Incident practice in APAC, to strengthen the extended security monitoring setup between Business Information Security and IT Production Security.

Requirements

Direct Responsibilities:

• Hands on experience for SIEM, security incident analysis, Incident response (IR) Malware analysis, and threat hunting
• Knowledge of MITRE or similar framework
• Lead technical activities (definition, R&D/threat hunting) in the team of IT Production Security Investigation & Incident Response and oversee the detection capabilities of the 24/7 regional IT Production SOC
• Be responsible for the security monitoring and security incident response for the regional IT production
• Partner with global, regional and local stakeholders to ensure organizational and procedural efficiency and readiness for detection of suspicious events and reaction upon security incident
• Continuously improve the processes to strengthen the current SOC framework via review of policies and operational playbooks
• Steer the regional threat modeling, identification of threat vectors and development of related security monitoring capabilities
• Participate in the Use Case Committee factory to improve the detection capabilities
• Report to global regional and local stakeholders on the strategic and operational aspects of these activities

Contributing Responsibilities

• Partner with the APAC Business CSIRT for integrated security monitoring and alert/incident handling operations
• Contribute to local security incident response outside the direct scope of responsibilities (i.e., local IT production in some APAC business entities)
• Contribute to the Bank compliance with regulatory requirements and internal policies
• Contribute to the reporting of all incidents according to the Incident Management System
• Contribute to the control frameworks in day‐to‐day business activities, such as Control Plan; Participate to Audit interview and provide the require evidence

Competencies:

• Requires a minimum of 8+ years of experience as security professional
• Excellent interpersonal and communication skills; ability to influence and motivate
• Ability to handle high pressure situations with key stakeholders to collaborate and communicate effectively and respectfully with both business-oriented executives and technology-oriented personnel in teams across the organization
• Experience of performing security monitoring and incident response activities in an advanced Security Operation Centers (SOC) environment (log analysis, event analysis, incident investigation, reporting)
• Experience and knowledge in investigating incidents, remediation, tracking and follow-up for incident closure with concerned teams, stakeholders.
• Exhaustive technical knowledge and hands on experience in several security domains
• Thorough understanding of technologies and security concepts, with knowledge & hands on experience in SIEM Product and Security Incident Management
• Program and project management expertise
• Taking initiative; be proactive and run decision-making processes autonomously

Specific Qualifications:

• Successful people management experience
• Professional credentials in one of the relevant IT Security disciplines is a plus (CISSP / OSCP / SANS)
• Experience in common scripting languages such as Python, PowerShell, Bash is a plus
• Experience in SIEM on ELK(Elastic Logstash Kibana) stack is a plus

Benefits

• Regular team buildings
• 18 leave days / Year
• Health Insurance: GP, Life Insurance, Dental Insurance and Optical insurance
• Annual bonus
• Working hours: from 9am to 6pm, Monday to Friday
• E-learning and certifications paths