- Information Technology
- Singapore - Technology Centre
Our Cyber Security team
It’s no secret that our intellectual property is critical to our success. To secure our ideas and designs, our customer and employee personal data, and to protect operations from cyber-crime, Dyson’s global Cyber Security and IT Risk group works effectively to keep our secrets secret and secure our crown jewels, using advanced technologies to stay one step ahead of the game.
We have a continuous focus on transforming and managing all aspects of security - including architecture, engineering, technology risk management, cyber operations, end user security and project delivery. We invest heavily in new security capabilities (technology, processes, and people) and leverage our strong cyber ecosystems to tackle future threats.
Product Design, Manufacturing, Supply Chain, eCommerce and Enterprise IT Systems are at the beating heart of Dyson’s cyber defence priorities. We play a key role in ensuring the successful design and delivery of exciting new business and security projects, and that our controls and security platforms remain effective and compliant. Furthermore, our cyber operations capabilities are delivered on a global 24x7 basis from our strategic locations across the US, UK / Europe, India, Singapore and China.
The Cyber Defence Operations team play a key role in our cyber team and is responsible for the detection and response to cyber threats. This job description relates to the Lead Analyst of Cyber Defence Operations which is a critical position in this function.
About the role
As Cyber Defence Team Lead and working with our Senior Leadership Team, you will develop mature strategies and technologies to allow for change and growth across our core cyber defence functions: Security Operations, Threat Detection Engineering, SOAR, Threat Hunting & DFIR. In addition, this leader will also coach, mentor, motivate and strategically develop their current team of professionals and partners. You'll build strong relationships with operational teams to support legacy processes, as well as identify new opportunities to build world class counter measures.
You will act on the behalf of Cyber Defence Senior Leadership where you will be expected to ensure smooth operation of day-to-day cyber defence activities. Your mission is to ensure the team are equipped for effective monitoring and triage of security events and the mastery of the technologies and information we analyse is at a high level. To be able to do this you will continue to build operational excellence by developing operational security processes, procedures, and playbooks, measuring and improving SOC effectiveness, and acting as the lead on major security incidents and investigations.
Ensure security detection, protection, response, and recovery technologies, capabilities and procedures are up to date, maintained and followed.
Contributes to the creation and maintenance of policy, standards, procedures, and documentation for Cyber Defence Operations.
Develop and maintain Cyber Defence Operations related capabilities to ensure all necessary information and security data is continuously being collected, correlated, and analysed to detect potential external and internal threats to the organization.
Ensure continuous improvement, and key performance indicators and metrics are met.
Assist with triaging cyber security incidents and escalations across our toolsets and perform L3 investigations.
Review security breaches and vulnerabilities, ensuring that they are promptly and thoroughly investigated so potential cyber threats are addressed effectively and efficiently.
Cultivate core relationships between internal stakeholders and external partners and other third-party entities that support Dyson to effectively handling reported security incidents.
Mentoring junior members of the team and supporting the development of the next generation of cyber defenders through our graduate program.
Perform on call and standby duties on a rotation basis for out of hours and weekend coverage.
We seek applications from individuals with 5+ years' experience and an exceptional track-record of building and operating within global Cyber Defence Operations, encompassing a range of responsibilities including acting as an escalation point for junior analysts, assisting senior management with the running of day-to-day activities, and ensuring the effective operation of intrusion detection and incident response.
You'll have a passion for finding elegant solutions to complex problems, knowledge of advanced threat vectors and incident response principles, networking services and protocols. An understanding of common SOC technologies (IDS, SOAR, SIEM, TIP etc.) and the desire to remain technically hand-on but also operate at a strategic level.
Alongside this, you will bring a diverse skillset across several of the following:
A proven background in one or more of the following domains: Security Operations, Threat Hunting, SOAR, Detection Engineering, Digital Forensics.
Knowledge of frameworks such as MITRE ATT&CK, RE&CT, D3FEND Mandiant Attack Lifecycle, Cyber Kill Chain. Mapping such frameworks to detection mechanisms, incident categorisations and reporting methods.
Knowledge of programming and query languages for application across detection, triage, and response capabilities.
Strong understanding of IT Security Controls (FW/IPS/IDS/DDOS, NGAV/EDR/MDR, Identify Access Management, User Behaviour Analytics, Data Loss Prevention, SIEM)
Practical knowledge of industry standard frameworks (ISO 2700x, NIST, ITIL, etc.), best practices (CIS, SANs, OWASP, CSA) and regulations (PCI DSS, GDPR, China CSL etc.).
Expert knowledge of security tools, techniques, and best practice within enterprise environments.
Expert knowledge of current industry security threats, challenges, and mitigation techniques
Demonstrable experience of implementing SOC services in large organization.
Experience in developing and implementing playbooks and processes in response to emerging threats.
Ability to evaluate & articulate risks, develop consensus, raise awareness, and distil complex technical information across all levels of the organization via root cause analysis documentation.
Knowledge and hand-on implementation experience specific to Network & Infrastructure Security, Application Security, Cloud & Mobility Security (IaaS, PaaS, SaaS, CDN), Data/Database Security, etc.
Experience in leading major cyber incidents through to resolution.
Dyson is an equal opportunity employer. We know that great minds don’t think alike, and it takes all kinds of minds to make our technology so unique. We welcome applications from all backgrounds and employment decisions are made without regard to race, colour, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other any other dimension of diversity.