Job Description
As a member of the Cybersecurity Incident Management and Response Team at UST, your role involves effectively managing all information and cybersecurity incidents across the Group on a 24x7 basis.

Your primary responsibilities include:
- Lead and perform technical and forensic investigations into global cybersecurity events, ensuring timely threat identification and mitigation.
- Conduct post-incident reviews to assess the effectiveness of controls and response capabilities; drive improvements where necessary.
- Deliver forensic services including evidence collection, processing, preservation, analysis, and presentation.
- Stay updated on emerging technology trends and cybersecurity best practices to provide guidance to business and IT functions.
- Collaborate with Global Cybersecurity Operations (GCO) and business teams to develop and maintain effective incident response playbooks.
- Contribute to the creation and enhancement of detection mechanisms (use cases) and security automation workflows.
- Define and refine detailed processes and procedures for managing cybersecurity events.
- Enhance technical capabilities of security platforms and incident response tools.
- Support the development of the team's capabilities, including training and mentoring junior team members.
- Promote a culture of transparency and continuous improvement by identifying and addressing weaknesses in people, processes, and technology.
- Drive self-improvement and maintain subject matter expertise in cybersecurity.
- Engage with global stakeholders to improve cybersecurity awareness and communicate the impact of cybersecurity initiatives.
- Generate and present management information and incident reports tailored for various audiences, supported by data and expert analysis.

Required Skills & Competencies:
- Strong understanding of cybersecurity incident management and investigation techniques.
- Hands-on experience with IDS/IPS systems, TCP/IP protocols, and common attack vectors.
- Ability to independently analyze complex problems and determine root causes.
- Effective communication skills with the ability to convey technical issues clearly to both technical and non-technical audiences.
- Sound decision-making abilities under pressure, with a focus on risk mitigation and operational resilience.
- Strong collaboration and stakeholder engagement skills across diverse teams.
- High level of integrity, urgency, and personal accountability.
- Demonstrated ethical conduct and commitment to organizational values.
- Knowledge of cybersecurity principles, global financial services, compliance requirements, and regulatory standards.
- Familiarity with industry frameworks and standards such as OWASP, ISO 27001/27002, PCI DSS, GLBA, FFIEC, CIS, and NIST.
- Experience in responding to advanced threats, including offensive security knowledge or experience with deception technologies (honeypots, tripwires, honey tokens, etc.).

Preferred Technical Skills:
- Cybersecurity Incident Management
- Intrusion Detection/Prevention Systems (IDS/IPS)
- TCP/IP Protocols and Network Analysis
- Forensics Tools and Techniques
- Security Automation & Orchestration Platforms
- Threat Intelligence Integration
- SIEM Tools (e.g., Splunk, QRadar, etc.)

About UST:
UST is a global digital transformation solutions provider with a track record of partnering with leading companies for over 20 years. With a workforce of over 30,000 employees in 30 countries, UST is dedicated to embedding innovation and agility into their clients' organizations for boundless impact.