!!OVERSEAS TRAVELLING REQUIRED!!
RESPONSIBILITIES:
As an Onsite Resident CSIRT Manager, you will be responsible for overseeing the day-to-day operations of our CSIRT Operation Centre in the Philippines. You will manage a team of security analysts and provide technical leadership and guidance.
Your responsibilities will include:
• Managing CSIRT operations: Overseeing the daily operations of the SOC,
including incident response, threat monitoring, and security analysis.
• Leading a team of security analysts: Providing leadership, mentorship, and
training to a team of security analysts.
• Handling Level 1, 2, and 3 helpdesk and CSIRT requests: Providing technical
support and resolving security incidents.
• Interacting with custodians: Communicating effectively with custodians to
understand their needs and provide solutions.
• Preparing presentations and reports: Developing and delivering presentations
and reports on security topics.
• Consulting with custodians: Providing expert advice and guidance on security
matters.
CSIRT OPERATIONS MANAGEMENT
• Overseeing the daily operations of the CSIRT, ensuring efficient and effective
incident response, threat monitoring, and security analysis.
• Developing and implementing security policies, procedures, and standards.
• Monitoring and analysing security metrics to identify trends and areas for
improvement.
• Coordinating with other security teams within the organization.
• Overseeing operations tools and validating alerts with custodians.
• Preparing playbooks, use cases, IOCs, and threat intelligence sources to be
implemented in security tools.
CSIRT / HELPDESK TECHNOLOGY MANAGEMENT
• Managing CSIRT technology, for example SIEM, Threat Intelligence, EDR, and
other platforms.
• Managing helpdesk technology, for example ticketing systems and other
helpdesk systems.
TEAM LEADERSHIP
• Leading and mentoring a team of security analysts, providing guidance,
training, and support.
• Developing and implementing performance metrics and evaluation criteria for
the team.
• Fostering a culture of continuous learning and professional development.
INCIDENT RESPONSE
• Managing and coordinating incident response activities, from initial detection
to post-incident analysis.
• Conducting in-depth investigations into security incidents to identify root
causes and vulnerabilities.
• Developing and implementing remediation plans to address security threats.
CUSTODIAN ENGAGEMENT
• Interacting with custodians to understand their security needs and
requirements.
• Providing technical support and guidance to custodians.
• Developing and delivering presentations and reports on security topics.
• Acting as a consultant to custodians on security best practices and emerging
threats.