Manager - Cyber Defense

PH

Posted:  Nov 27, 2023

Here at Aboitiz, success means winning together to shape a better future for people, planet, and profit. As we embrace innovation, we grow diverse industries and shape the country’s future. We create careers without boundaries for those who inspire their teams to rise with them. When you work at Aboitiz, you are part of a family committed to advancing business and communities.

Job Mission/Purpose

The Cyber Defense Incident Manager is responsible for investigating, analyzing, and responding to cyber incidents within the organization's technological environment or enclave, and ensures that the security requirements protecting the organization's mission and business processes are met.

Lead and manage a Cyber Defense Center, providing technical oversight and maintaining a high-performing team of analysts to proactively identify, prevent, and respond to security incidents.

Contacts/Network Requirement

External: Auditors
External: Community Partners
External: CSR Beneficiaries
External: Consultants
External: Vendors / Suppliers / Providers
Internal: Aboitiz Group SBU/s
Internal: AEV Team Leaders
Internal: AEV Team Members
Internal: Board Cybersecurity Committee

Responsibilities

Execution Excellence:  Incident Response

  • Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
  • Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
  • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
  • Perform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
  • Perform cyber defense trend analysis and reporting.
  • Perform initial, forensically sound collection of system images and inspect them to determine possible mitigation/remediation on enterprise systems.
  • Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs).
  • Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
  • Track and document cyber defense incidents from initial detection through final resolution.
  • Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies.
  • Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness).
  • Collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
  • Serve as technical expert and liaison to law enforcement personnel and explain incident details as required.
  • Coordinate with intelligence analysts to correlate threat assessment data.
  • Write and publish after action reviews.
  • Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, SecurityFocus) to stay current on the cyber defense threat condition and determine which security issues may have an impact on the enterprise.
  • Coordinate incident response functions.


Additional Responsibilities

Key Performance Metrics

Mean Time to Response

Service Level Agreements (SLAs)

Competencies

I. Universal: Building Partnerships / Networking
I. Universal: Business Acumen
I. Universal: Business Continuity
I. Universal: Communication
I. Universal: Data Science
I. Universal: Design Thinking
I. Universal: Innovation
I. Universal: People Development
I. Universal: Performance Management
I. Universal: Project Management
I. Universal: Quality Focus
I. Universal: Resilience
I. Universal: Risk Management, Information Security and Data Privacy
I. Universal: Safety
I. Universal: Working Remotely
I.G. Leadership (Building Commitment): People Development
I.H. Leadership (Building Commitment): Communication
II. Functional (Information Security): Information Security Management (ISMS001)
II. Functional (Information Security): Incident Response (PR-CIR)
II. Functional (Information Security): IT Systems Security Management
II. Functional (Information Security): Security Architecture
II. Functional (Information Security): Security Engineering
II. Functional (Information Security): Training, Education, and Awareness (OV-TEA)
II. Functional (Information Security): Vulnerability Management

Education

Bachelor's Degree in Information Technology or Information Systems

Work Experience

At least 5 years of relevant work experience

License / Certification and Training Requirement

Certified Ethical Hacker
Information Technology Infrastructure Library

JOB APPLICATION NOTICE:
We urge everyone to be vigilant against scams that involve fraudulent offers of employment with Aboitiz Equity Ventures. Scammers are falsely claiming to be representatives of Aboitiz, offering jobs in exchange for recruitment fees. Aboitiz does not ask for money from our applicants at any point of the job application process.