The Government IT Security Incident Response (GITSIR) team aims to support the IT Security Incident Framework for the Government.
It serves as a primary point of contact for all security incidents in the Government and serves as a central interface for coordinating with external parties such as government agencies, external organisations, Internet Service Providers and law enforcement.
As the Head of Government IT Security Incident Response, you will play an instrumental role in leading and managing the GITSIR team under the Government Cyber Defence (GCD) of Cyber Security Group (CSG) and provide technical assistance to agencies in resolving and recovering from cyber security incidents within the Government.
In order to achieve prompt and efficient response to cyber security incidents, you will oversee the day to day operations of incident response and investigation, and explain the key facts and findings to stakeholders including Ministers, PSes and senior management.
What to Expect :
Provide technical assistance and advisories on pertinent cyber security threats
Assess the situation, update and provide recommendations to stakeholders
Perform in-depth investigation to determine the root cause of a security incident
Streamline workflow to reduce manual effort for incident response and investigation
Plan and prioritise key areas for the team to work on, including staying well informed on both current and future ICT security trends and technologies
Expand and deepen knowledge in performing incident response, forensic investigation, malware analysis, threat intelligence and threat hunting to build competencies in performing investigation and analysis
Oversee the implementation of new projects, enhancement of current projects or provision of incident response requirements to major projects
Manage staff performance and optimisation of resources
Able to coach and mentor staff and identify high potential talent to enhance their performance
Able to handle employee relation issues and provide staff with development opportunities to test and expand their capabilities
How to Succeed :
Bachelor Degree or Master in Computer Science / Engineering, Electrical Engineering, IT or post graduate diploma in IT
Experience: Minimum 15 years in IT security with experience in incident response and investigation, operation management, security events management, etc., inclusive of 5 years in management role
Broad knowledge of the ICT industry, both current as well as future ICT security trends and technologies
Knowledge of adversary tools and techniques such as malware, brute-force attacks, buffer overflows, phishing, DNS poisoning, SQL injection, cross-site scripting
Ability to assess security threats and vulnerabilities against the potential impact
Good understanding of operating systems and platforms (e.g. Windows, Linux, Solaris), and networking concepts and protocols (e.g. LAN / WAN routing, TCP / IP, SSH, TLS)
Knowledge of security architectures and designs including security devices (e.g. firewall, IPS, proxy, VPN) and web applications (e.g. web server, content management system, database)
Familiarity with good security practices and policies as well as file systems such as FAT32, NTFS, EXT4
Knowledge of programming and scripting languages (e.g. C++, Python), forensic tools and techniques (e.g. FTK, EnCase, Wireshark), and malware tools and techniques (e.g. IDA Pro, OllyDbg)
Familiarity with log and data analysis (e.g. Splunk, ELK, R)
Ability to manage complex and large scale security incidents
Ability to provide directions on incident response activities and coordinate communications within the team
Ability to assess the situation, provide recommendations and update management through presentations and written reports
Good knowledge in project management
Possess strong leadership and management skills including investigative skills to determine the root cause of a security incident
Strong communication and interpersonal skills