For Candidate Privacy Policy, please follow at https://careers.bitkub.com/privacy

Lead and Manage Security Incident Response:

• Lead the Cyber Security Incident Response (CSIR) team in day-to-day operations, managing complex incidents, and communicating progress to senior management.
• Ensure clear incident documentation and oversee the implementation and follow-up of realistic remediation plans.
• Detect and independently respond to security incidents across the organization.
• Assume the role of an Incident Manager during major security events.

Develop and Refine Incident Response Strategy:

• Collaborate with management to execute and iterate on the incident response process.
• Develop the threat-response matrix, incident-response playbook, and processes. Design and implement metrics for incident response, continually improving efficiency and effectiveness.
• Stay informed of emerging threats, security technologies, and relevant research for continuous improvement.

Security Expertise and Mentorship:

• Identify and mitigate complex security threats before exploitation.
• Implement and monitor security measures for infrastructure protection.
• Utilize log analysis platforms for security analytics and threat detection.
• Perform root cause analysis (RCA) and incident reviews.
• Mentor other members of the Security Incident Response Team.
• Help the team grow their skills and experience.

Collaboration and Leadership:

• Provide security recommendations to security architecture, issues, and features.
• Create a supportive environment for team members.
• Build strong partnerships with the other departments as a supporter of the cyber security incident response team. (CSIRT)
• Train team members to prioritize efforts and ensure alignment with company direction.
• Be a role model for positive thinking, and conflict resolution.
• Draft and successfully deliver on quarterly OKRs (Objectives and Key Results).

Qualifications:

• Bachelor's degree or higher in Computer Engineering, Computer Science, IT, or related fields.
• A minimum of 5 years of working experience in Security Operations (SecOps), incident response, threat analysis, incident management, or relevant investigations during medium and large-scale security events.
• Robust understanding of security issues, mitigations, and a solid grasp of the current global threat landscape.
• Experience in security solutions, secure network design, firewalls, authentication, authorization systems, log analysis platforms, security incident response, monitoring, and intrusion detection.
• Profound knowledge of attacks, mitigation methods, and threat modeling.
• Experience in digital forensics, SOAR automation, and cloud providers like GCP, AWS, and Azure is advantageous.
• Strong written and verbal communication skills are required, including conducting presentations and creating security reports. Experience with executive-level communications is a plus.
• Substantial engineering mindset.
• Capability to build working relationships with key stakeholders.
• Capability to make concrete progress in the face of ambiguity and imperfect knowledge.
• Hold the certificate of CompTIA Security +, CompTIA CySA+, and others would be an added advantage.