Manager, Cyber Threat Intelligence & Fusion Centre

Summary of the role

The Cyber Threat Intelligence & Fusion Centre Manager is responsible to oversee Marina Bay Sand's (MBS) Cyber Threat Intelligence and Cyber Fusion Centre program. This vertical is part of Marina Bay Sands' Cyber Security Operations Centre (CSOC). The mission of MBS CSOC is to protect and defend MBS against cyber-attacks targeting the gaming, retail and hospitality sector.

The candidate builds, leads and supervises daily cyber threat horizon scanning operation for MBS. For every applicable cyber threat, the candidate is expected to lead the operation to assess and coordinate dissemination, track follow up and defensive / mitigative measures, and to provide reporting as per MITRE Cyber Threat Informed Defence framework.

When required, the candidate is also required to provide focused effort and analysis of potential cyber incidents. This position has a local supervisory role and works closely with the global CSOC team in other centers around the world. All duties are to be performed in accordance with the department and Marina Bay Sands' policies, practices and procedures.

Job Responsibilities

Consistent and regular attendance is an essential function of this job.

Ensure relevant external cyber threat information is detected, responded and / or escalated in a timely fashion.

Ensure external cyber threat information tools / subscriptions are maintained, reviewed and effective in detecting external cyber threat information.

Ensure process runbooks are reviewed and updated timely.

Ensure metrics and trending are collected, reviewed and analyzed timely.

Coordinate with other stakeholders to track and resolve findings, where required.

Performs other related duties as assigned

Job Requirements

Education & Certification

Degree or Diploma in Cybersecurity

Professional cyber related membership and certification is required

Experience

5-10 years of work experience in technical cyber threat intelligence operations, incident response investigation and / or malware analysis.

Other Prerequisites

Proven effective verbal and written communication skills

Abilities

Facilitate continuously updated intelligence, surveillance, and visualization input to common operational picture managers

Identify intelligence gaps and shortfalls

Monitor open source websites for hostile content directed towards organizational or partner interests

Identify cyber threat tactics and methodologies

Identify and characterize intrusion activities against a victim or target

Determine effectiveness of intelligence collection operations

Recommend adjustments to intelligence collection strategies

Develop cyber operations indicators

Coordinate all-source collection activities

Validate all-source collection requirements and plans

Prepare threat and target briefings

Identify intelligence requirements

Modify collection requirements

Determine effectiveness of collection requirements

Monitor changes to designated cyber operations warning problem sets

Report on adversarial activities that fulfill priority information requirements

Prepare cyber operations intelligence reports

Prepare indications and warnings intelligence reports

Assess effectiveness of intelligence production

Assess effectiveness of intelligence reporting

Provide intelligence analysis and support

Notify appropriate personnel of imminent hostile intentions or activities

Determine if intelligence requirements and collection plans are accurate and up-to-date

Knowledge

Intelligence collection capabilities and applications

Intelligence requirements tasking systems and software

Intelligence information repositories

Threat intelligence principles and practices

Operations security (OPSEC) principles and practices

Target development principles and practices

Target research tools and techniques

Priority intelligence requirements

Intelligence fusion

Adversarial tactics principles and practices

Adversarial tactics tools and techniques

Threat vector characteristics

Cyber attack stages

Cyber intrusion activity phases

Malware analysis tools and techniques

Malware analysis principles and practices

Cyber-attack tools and techniques

Denial and deception tools and techniques

Skillset

Conducting non-attributable research

Creating target intelligence products

Conducting deep web research

Performing target analysis

Identifying intelligence gaps

Conducting open-source searches

Converting intelligence requirements into intelligence production tasks

Developing collection strategies

Work Environment

Thrive in a fast-paced, dynamic and global working environment.

Adapt and adjust to priorities quickly as circumstances dictate while completing tasks within established time frames

Establish and maintain cooperative working relationships with fellow Team Members, management, outside contacts, guests and the public.

Meet the basic physical requirements of an office environment including moving freely and frequently about an office, accessing computers and related technologies using peripheral equipment and operating other office equipment.

Maintain composure under pressure and consistently meet deadlines with internal and external stakeholders.

#J-18808-Ljbffr