Assistant Manager - Incident Response (Cybersecurity)

About the job

Key Responsibilities:

  • Serve as the primary lead for managing the full lifecycle of cybersecurity incidents, including investigation, containment, eradication, and recovery, while ensuring thorough post-incident reviews.
  • Develop, refine, and maintain comprehensive incident response playbooks, runbooks, and standard operating procedures (SOPs) to ensure consistent and effective response protocols.
  • Proactively conduct threat hunting initiatives based on threat intelligence, anomalies, and emerging threats to detect and mitigate malicious activities that bypass automated security measures.
  • Contribute to the development and enhancement of the corporate-wide information security framework, policies, guidelines, and standards in alignment with ISO 27001 and industry best practices.
  • Perform daily security administration and operational tasks, including user and privileged account management, key and certificate oversight, security log review, technical vulnerability assessments, penetration testing, and incident handling.
  • Evaluate and recommend information security controls, and oversee their implementation for key projects and initiatives.

Qualifications & Experience:

  • Bachelor's degree in Computer Science, Information Technology, or a related discipline.
  • Minimum of 5 years of experience in cybersecurity, with at least 2 years specializing in incident response.
  • Professional security certifications such as CISA, CISM, CISSP, CISP, or equivalent are highly desirable.
  • Splunk Enterprise Security Administrator certification is a plus.
  • Strong familiarity with security incident handling processes and Security Operations Center (SOC) workflows.
  • Hands-on experience with:
    • Security Information and Event Management (SIEM) platforms (e.g., Splunk, Sentinel, QRadar).
    • Endpoint Detection and Response (EDR) tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender, Sangfor).
    • Core security concepts including network protocols, OS internals (Windows/Linux/macOS), malware analysis, and cloud security (AWS/Azure/AliCloud/Huawei Cloud).
  • Excellent time management and organizational skills.
  • Proficiency in written and spoken English and Chinese.