Overview
Incident Response & Prevention Manager Jobs in Hong Kong, Hong Kong SAR at Crypto.com
Title: Incident Response & Prevention Manager
Company: Crypto.com
Location: Hong Kong, Hong Kong SAR
The Cybersecurity and Data Privacy team reports directly under the office of the CISO headed by Chief Information Security Officer (CISO) Jason Lau ( https://www.linkedin.com/in/jasonciso/ ) who has over 23+ years of experience in the cybersecurity space, awarded Global Top 100 CISO, and also serves on the World Economic Forum, International Association of Privacy Professionals and more. The team comprises of multiple functions from Blockchain Security, Operational Security, Security Governance and Compliance and more. We drive a culture of having a growth mindset and being humble to help everyone achieve their potential. Security and Data Privacy Compliance first strategy which has been at the core of our company. The security team helped to drive us to be the first Crypto company worldwide to achieve ISO27001, ISO27701, ISO22301 and PCI:DSS 3.2.1 (Level 1) certifications. Extremely detailed third party attested by international audit firm SGS and achieved “Adaptive (Tier 4)” – the highest level possible for the US National Institute of Standards and Technology (NIST) Cybersecurity Framework and the latest NIST Privacy Framework as well as SOC2 and many other regional certifications like the Data Protection Trust Mark.
As part of the CIRIFT at Crypto.com , you will be involved in responding and managing cyber security incidents throughout the cycle – from Preparation to Identification, Containment, Eradication, Recovery and Lessons Learnt – along with other incident responders around the globe.
You will apply all of your skills on cyber defense , digital forensics, log analysis, intrusion analysis and any related skills to respond to security incidents on our endpoints, network, and cloud infrastructure. In this role, you will provide prevention, detection, response and remediation activities to ensure information assets and technologies are adequately protected using different technologies like NGFW, EDR, IDS/IPS, EDR, DLP and more. You will also apply your collaboration and communication skills to work effectively with all relevant stakeholders in multicultural/global environments.
Responsibilities
Report to Senior Manager to facilitate all phases in the incident response lifecycle
Involve in various incident prevention projects to improve Security posture
Preparation
Understand different regulatory and compliance requirements like critical time to report, escalation flows, etc.
Take part in self-assessment exercises like Tabletop Exercises, Attack Simulations, Red/Purple Team exercises to make sure the incident response process is working smoothly
Develop incident response runbooks, playbooks and SOPs with reference to different regulatory requirements
Evaluate the incident response readiness of different layers – people, process, technology
Detection & Analysis
Respond to the cyber security incidents escalated from various channels including the 24/7 SOC team.
Respond to cyber security incidents in compliance with the local authority / regulatory requirements.
Assess the risk, impact and scope of the identified security threats
Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs
Containment, Eradication and Recovery
Communicate with the stakeholders and provide guidance, recommendations to contain and eradicate the security incident
Participate in root …
