Job description

​Our Client is an established company in Singapore, who is seeking to recruit a Lead Cybersecurity Specialist (Security Operations).

Lead Cybersecurity Specialist (Cyber Defence)

You will be the primaryarchitect of the security governance and risk management framework., with the missionto transform GRC from a compliance-heavy exercise into a strategic enabler. Youwill ensure that risk management is deeply integrated into the lifecycle ofevery digital system, from web applications to critical Operational Technology(OT) environments.

1. Incident Management &Response Standardisation

·       Unified Playbooks: Establish and maintain Incident Response(IR) playbooks for diverse threat scenarios (e.g., Ransomware, DataExfiltration, Cloud breaches).

·       Crisis Leadership: Provide direct guidance and technicaloversight to agencies during High and Critical severity incidents, ensuringtimely reporting and effective containment.

·       Incident Governance: Work with CIOs and CISOs to establishclear command structures and roles, empowering leaders to make difficult,high-stakes decisions during a crisis.

2. Operational Readiness& Resiliency Testing

·       Advanced Exercises: Design and oversee high-quality TabletopExercises (TTX) for various stakeholders (system owners, SIROs, CISOs, CIOs).You will evaluate external vendors to ensure these exercises are realistic,comprehensive, and push the limits.

·       Chaos Testing: Drive the adoption of chaos testing acrossagencies to validate the adequacy of resiliency plans and identify hiddenfailure points in critical systems.

·       Capability Building: Continuously assess the operationalreadiness of the Family and lead initiatives to bridge identified gaps inincident management.

3. Continuous Monitoring& Asset Governance

·       Centralised Monitoring: Ensure all systems are effectivelyonboarded to central monitoring services. Work with system owners on overcomingchallenges encountered during onboarding.

·       Asset Visibility: Partner with CIOs to maintain a robust andupdated IT asset inventory, ensuring that "you cannot protect what you donot know."

·       Custom Threat Scenarios: Provide expert guidance for agencieswith unique threat use cases or specialised systems (e.g., OT/ICS) that falloutside standard monitoring coverage, helping them build bespoke detectioncapabilities.

4. Vulnerability &Attack Surface Management

·       Full-Spectrum SOPs: Establish Standard Operating Proceduresfor vulnerability management across on-premises, cloud (GCC), and OTenvironments. Ensure that there are proper procedures for managing unpatchedvulnerabilities.

·       Attack Surface Scanning: Ensure agencies deploy adequateinternal and external scanning tools. You will oversee the workflow for findingprioritisation and validate that patches are applied and effective.

5. Advocacy & Education

·       Resilience Culture: Educate stakeholders on the criticalimportance of Response and Business Continuity Planning (BCP).

·       Stakeholder Inculcation: Foster a mindset of "assumedbreach," ensuring project owners and leaders understand their roles inthreat monitoring and incident management.

Requirements

Experience

·       Years of Experience: 8 to 10 years of deep experience inCybersecurity Operations, SOC Management, or Incident Response.

·       Crisis Management: Proven track record of leading orproviding technical oversight in high-pressure, high-severity securityincidents.

·       Domain Expertise: Experience managing security operationsacross complex hybrid environments (On-premise, Cloud, and OT).

Technical Skills

·       Incident Response & Forensics: Mastery of IRmethodologies and a strong understanding of digital forensics and malwareanalysis.

·       Threat Intelligence & TTPs: Deep knowledge of the threatlandscape and the ability to map monitoring use cases to the MITRE ATT&CKframework.

·       Vulnerability & Exploitation Research: Deep understandingof the CVE (Common Vulnerabilities and Exposures) system and CVSS scoring.Knowledge of exploitation techniques and the mechanics of how vulnerabilitiesare weaponised by threat actors. Ability to assess the"exploitability" of a vulnerability within the specific context ofthe environment to prioritise remediation.

·       Detection Technologies: Proficiency in SIEM, SOAR, XDR, andEDR technologies. Ability to evaluate the relevancy of existing monitoringtools against evolving threats.

·       Cloud Operations: Strong understanding of monitoring andresponding to incidents within Government Commercial Cloud (GCC) and nativecloud environments.

·       Certifications: Professional certifications such as GCIH(GIAC Certified Incident Handler), GCFA (GIAC Certified Forensic Analyst),CHFI, or CISSP are highly desirable.

Soft Skills

·       Command & Control: Ability to remain calm and provideclear, authoritative guidance during high-stakes security crises.

·       Diplomacy & Education: Skill in translating operationalneeds into strategic priorities for CIOs and CISOs.

·       Strategic Foresight: A strong interest in emerging securitytechnologies and the ability to proactively adapt monitoring strategies tocounter new actor TTPs.

JJ Consulting Services

EA Licence No.: 12C6207

Applicants are invited to send in a MS Word resume to jobs@jjconsulting.com.sg statingposition applying for/present/expected salaries and earliest available date.

We thank all applicants in advance and regret that only short listed candidateswill be notified.