Job was saved successfully.
Job was removed from Saved Jobs.

Cyber Defence Lead

NPAworldwide Recruitment Network

Last Updated: 9/30/22

Job Description

Job description:

Job Summary

  • Improve cyber defence capability.
  • Improve security monitoring capability.
  • Improve security incident response capability.


Anomalies activity and cyber incident detection

  • Manage the anomalies activity detecting process.
  • Assess the monitoring needs and define the monitoring scope and approach.
  • Work closely with Security Operation Center to ensure that the monitoring process are effective.
  • Oversight and monitor on the activities performed by the Security Operation Center.
  • Monitor security events reported to ensure that all events are properly handled.
  • Response to security events escalated from the Security Operation Center and work with the relevant parties to investigate and response when needed.
  • Develop relevant information security metrics to monitor the banks information security posture and translate it into meaningful insights for the senior management.

Cyber incident response and management

  • Manage security incident and develop response plan and playbooks for various attacks and security events.
  • Oversight and monitor security incidents to ensure that all incidents identified are managed according to the incident management procedure and response plans.
  • Ensure escalation and reporting process are in place and followed.
  • Perform analysis to assess incident impact and determine whether the involvement of external investigators or forensic analysis are required to support incident investigation.
  • Work with external investigators on forensic analysis during cyber and information security incidents.
  • Drive the banks regular incident response drills exercise in responding to cyber and information security incidents.

Threat monitoring and analysis

  • Monitor threat intelligence from various sources to discover emerging cyber threats affecting the bank and customers.
  • Perform threat analysis and to identify potential security controls or remediation and other security improvement in response to the threats.
  • Perform threat hunting, leveraging available indicators of compromise, to identify potential threats that are lurking undetected.
  • Threat intelligence sharing and to collaborate with 3rd parties and industry peers.
  • Manage the threat and vulnerability management program.


  • At least 7 years of experience in information & cyber security from either the banking and finance industry or security consulting with primary focus on Incident Response or Intrusion Detection.
  • Solid understanding of incident response, threat modeling and common attack vectors, adversary tactics, techniques & procedure, MITRE ATT&CK framework.
  • Hands on experience in using Splunk Enterprise Security, analyzing security log & network traffic, identifying, and investigating security incidents.
  • Prior experience in malware analysis, virus exploitation and mitigation techniques, and digital forensic.
  • Understanding of network, desktop and server technologies, network intrusion methods, network containment, segregation techniques, IDS and IPS.
  • Degree holder major in Computer Science or related field.
  • Relevant certification in information security (e.g., CISSP, CISA or CISM etc.)
Why is This a Great Opportunity:

A licensed virtual bank in Hong Kong

Company Details

Grand Rapids, Michigan, United States
NPAworldwide connects you to premier independent recruiting firms located throughout Europe, Asia, Australia, Africa and the Americas. Get connected with members around the world to widen your employer pool, get specialized placements, and find perfect matches -- all at no cost. Our members are placement professionals seeking long-term fits. Working with our recruiters gets you access to relocatio...