Service Delivery Manager - #1115467

Main Duties and Responsibilities:

1. Technology Risk Assessment for Regulatory Compliance

• Conduct technology risk analysis, ensuring alignment with business and regional regulatory requirements.

• Maintain, document and update changes to policies, SOPs, artifacts, risk registers, etc.

• Perform assessments for third-party and regulatory adherence.

• Actively engage in certification, auditing, findings, assessment and compliance efforts.

2. Security Operations

• Continuously watch network traffic, systems, and applications for suspicious activity, anomalies and potential security incidents

• Identify security flaws and weaknesses in the networks, systems and applications to prevent them from being exploited.

• Conduct detailed assessment & audit on all security controls, esp. email, endpoints, app., data, etc.

• Deploy, configure, and manage various security tools such as endpoint, IAM, PAM, xDR, SIEM, etc according to NIST, CISA and MITRE framework protocols.

• Threat detection, incident response, vulnerability management, security policy enforcement and continuous monitoring of security controls.

• Develop and execute plans to respond to security incidents, containing and mitigating them.

• Collaborate, and follow-up with other key technical team members and HODs.


3. Incident Response

• Lead incident response lifecycle (detection, triage, containment, eradication, recovery).
• Handle security incidents tickets escalated by team, and draft security incident report covering the root cause, forensic evidence, and recommended mitigation plans

• Conduct and support forensic analysis of endpoints, logs, and network traffic to determine root cause and impact.

• Coordinate with internal stakeholders and external partners during critical incidents.

• Develop and maintain playbooks and incident reports.


Job Requirements: (e.g., educational/ professional qualifications)

• Min. 3 – 5 years of experience in technology risk, blue team operations, and regulatory compliance.

• Diploma or Degree in IT, cybersecurity, or related field.

• Proficient in both English and Mandarin as you will need to work closely with Chinese counterparts.

• Expertise in technology risk, defensive strategies, endpoint security, IAM, PAM, and access control.

• Strong knowledge of security frameworks, layered defense, SIEM, endpoint & VPN security, DLP, etc.

• Familiarity with vulnerability management, and security configuration and automation.

• Digital Forensics and Incident Response (DFIR) experience enabling deeper investigations and root cause analysis is an added advantage.

• Ability to analyze security issues and recommend effective solutions.

• Relevant certifications such as Comptia Security+ or vendor/industry certifications is an added advantage.