Senior Manager, Group Information Security (Cyber Security Incident Response - IR Team Lead)

Benefits

Additional Information

About FWD Group FWD Group (1828.HK) is a pan-Asian life and health insurance business that serves more than 38 million customers across 10 markets, including BRI Life in Indonesia. FWD's customer-led and tech-enabled approach aims to deliver innovative propositions, easy-to-understand products and a simpler insurance experience. Established in 2013, the company operates in some of the fastest-growing insurance markets in the world with a vision of changing the way people feel about insurance. FWD Group is listed on the main board of the Hong Kong Stock Exchange under the stock code 1828. For more information, please visit www.fwd.com FWD Technology and Innovation Malaysia Sdn. Bhd., known as FWD TIM, was established in late 2019. Strategically located in Kuala Lumpur, FWD TIM serves as a pivotal shared service location within FWD Group, providing services to multiple markets across the Group. FWD TIM houses a diverse and talented workforce focused on essential business and technology services such as information security, cloud operations, IT solutions delivery, digital and data, actuarial, finance, investments, and customer service, among many others. FWD TIM is dedicated to drive and deliver operational excellence and efficiency, foster innovation and ensure regulatory compliance across all business functions as well as maintain a competitive edge in the market. PURPOSE Position of IR Team Lead Most senior incident responder with subject matter expertise Supports the pillar head of Security Monitoring and Incident Response in leading the Incident Response sub-function Provide visibility to the pillar head of Security Monitoring and Incident Response on the day to day operations of the team Lead the coordination, investigation, management, and resolution of a broad range of cyber-security incidents for FWD Group including all markets. Establishes processes and SOPs. Proactively identify, propose and drive the transformation and enhancement projects through the management and collaboration with relevant internal teams and external solutions providers to continuously improve the Group Cyber Security Incident Response Management, Detection and Monitoring processes and SOPs, performed by internal teams and vendors, leveraging automation and technologies available. Build knowledge and coach Business Units IT Security leads, to understand their role in Cyber Incident Management. KEY ACCOUNTABILITIES Work with L1 and L2 Security Monitoring service providers to ensure L1/L2 resolutions meet the expected SLA and to enhance their monitoring, triage investigation processes capabilities prior to escalation. Oversee delivery of the L3 incident response team and ensure that they meet incident response SLA's and SLO's. Ensure L3 IR team is assigned tasks efficiently and keep track of work delegated from pillar head of SM&IR Coordinate IR functions with other related functions included that of Threat Intelligence, in collaboration with Threat Intelligence lead Investigate incident response cases to identify root cause, and coordinate with multiple internal teams and external solutions providers to remediate and resolve issues on a timely manner and effectively. Leverage detection and response solutions in place, to further assess and proactively address any escalated potential incidents Identify and drive continuous improvement of FWD Cyber Incident detection, contextualization and response processes and tools, leveraging automation and orchestration where possible Manage and coordinate potential incidents escalations, for investigation, along with any required internal or external stakeholders Lead and manage the communication and coordination of Cyber Security Incident response actions with Business Units and ensure smooth and proper closure of the Incident Response cases Analyze the findings of Threat Intelligence and work with relevant internal teams and Business Units to coordinate and/or execute actions to ensure FWD Group prevention, detection and response capabilities setup is maximized against those new threats. Perform in-depth analysis of malware or other potential malicious processes or software identified in the organization Coordinate and manage Cyber Security testing activities, and provide advice on remediation Develop, document and maintain SOPs and knowledge base for cyber security services relating to incident response, intelligence analysis, evidence acquisition, forensics recovery, and others Continuous knowledge improvement in tools and best practices in Cyber Security threat monitoring and incident response, including contextualization and automation Evaluate new emerging Cyber Security technologies and make recommendations for adoption within FWD Group KEY PERFORMANCE INDICATORS Timely and accurate coordination and management of all incident response cases within SLA for self and the rest of the team Successful implementation of transformation and improvement initiatives t

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at fwd? Share your experience