Head of Security Operations

The NETS Group is a leading payments services group, enabling digital payments for merchants, consumers and banks across the entire payments value chain. 
 

The Group operates Singapore’s national debit scheme enabling customers of DBS Bank/POSB, HSBC, Maybank, OCBC Bank, Standard Chartered Bank and UOB to make payments using their ATM cards or mobile devices at more than 130,000 acceptance points in the country as well as online payments.

Key Responsibilities

1.    Team Management and SOC Leadership
   a.    Strong leadership to lead and mentor the Security Operations Centre (SOC) team, provide clear communication and direction to the SOC team.
   b.    Solid hands-on experience in the FI industry to oversee 24/7 monitoring, incident handling, and threat intelligence analysis & threats hunting
   c.    Foster a culture of continuous learning and professional growth within the SOC team, take ownership and can-do attitude
   d.    Familiar with all industry Cybersecurity operation tools, both Cloud and On-prem and be able to provide advice & recommendations for the emerging tools
   e.    Be able to multi-tasking and handle the projects/deliverables within tight timeline and stress
   2.    Operational Leadership
   a.    Work closely with the CISO in executing the overall cybersecurity strategy of the organisation and SOC uplifting.
   b.    Manage day-to-day cybersecurity operations, including incident response, vulnerability assessments and threat detection & response.
   c.    Manage cyber security vendors and ensure Service Level Agreements are met.
   d.    Adopt a Continuous Improvement mindset to constantly develop and enhance operational processes to improve efficiency and effectiveness, and align to the best practice in the industry.
   e.    Ensure that cyber security tools settings, configurations and rules are constantly reviewed for improvements in cybersecurity posture and in response with continuously evolving cyber threats.
   3.    Cybersecurity Incident Leadership
   a.    Lead and orchestrate the response to security incidents, including DOS attacks, data breaches, malware outbreaks, ransomware and unauthorised access attempts.
   b.    Establish and maintain an effective incident response process, ensuring timely detection, containment, eradication and recovery.
   c.    Collaborate with various departments in the organisation to manage incident communication and reporting.
   d.    Work with relevant third parties to address cyber contagion risks.
   e.    Conduct post incident reviews to identify areas for improvement and implement corrective actions.
   4.    Risk Management and Compliance
   a.    Proactively address potential cyber threats and vulnerabilities by collaborating with Risk and Compliance department.
   b.    Conduct regular vulnerability assessments.
   c.    Ensure operational compliance with relevant regulations, policies, standards and procedures.
   d.    Strong support on Cyber Security related Audits and conduct corrective remediation actions in a sustainable, repeatable, testable and timely manner.

Requirements:

•    Degree in Computer Science, Computer Engineering or Information Security related fields.
•    At least 12 years’ of overall working experience, minimum of 8 years’ of which in the cybersecurity industry, and minimum 5 years’ of which as a SOC team manager. 
•    An industry SOC leader with a combination of leadership, technical, and communication skills, presentation skills, along with relevant experience and certifications.
•    Hands-on Experience: Experience with security tools and technologies, including open-source security tools, firewalls, SIEM (Security Information and Event Management) systems, and endpoint security management etc. 
•    Experience as a SOC analyst is a must.
•    Experience running cybersecurity operations and cybersecurity incident management is a must.
•    Experience to develop and implement security strategies, policies, and procedures. 
•    Relevant certifications such as CISSP, CISM, GSOM, SSCP, CASP+, GCIH, and AI will be a significant advantage.

Network for Electronic Transfers (Singapore) Pte Ltd.