Cyber Threat Responder

Marina Bay Sands Pte Ltd| Date Posted: 11-Sep-2020
Save Job
Job Nature:
'N' Levels / 'O' Levels, ITE/ NITEC/ Higher NITEC, 'A' Levels, Diploma, Bachelor's / Honours, Masters / PhD

Job Description

Summary of the role

The Cyber Threat Responder is an experienced threat detection and response analyst within Marina Bay Sands’ (MBS) Cyber Security Operations Centre (CSOC). MBS CSOC operates a follow-the-sun model, partnering with Las Vegas Sands (LVS) Corp CSOC.  The mission of MBS CSOC is to protect and defend MBS and LVS against cyber-attacks targeting the gaming, retail and hospitality sector.

The Cyber Threat Responder coordinates daily monitoring of cyber threat detection and mitigation tools, reviews Cyber Threat Analysts activities, tune and apply defensive counter-measures to mitigate cyber threats. This position works closely with the global CSOC team members in other centers around the world.


  • Consistent and regular attendance is an essential function of this job
  • Ensure cyber threats are mitigated and escalated in a timely fashion.
  • Ensure cyber threat detection tools are tuned and maintained timely.
  • Ensure CSOC analyst runbooks are reviewed timely.
  • Review CSOC metrics and trending, including the health of the security monitoring systems.
  • Ensure IT compliance within CSOC operations.
  • Ensure CSOC compliance with regulatory requirement.
  • Ensure cases are followed-up by Cyber Threat Analysts timely.
  • Participate in the investigation of security violations and breaches.
  • Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used to support cyber security operations
  • Performs other related duties as assigned
  • Perform weekend day-shift on rotation basis.


  • Degree or diploma with at least 3-5 years of work experience in detecting and responding to cyber threats, preferably in a Global CSOC environment.
  • Professional cyber-related membership and certification is required.
  • Experience in Gaming, Banking or Critical Infrastructure InfoComm Industry is preferred, but not a must.
  • Proven effective verbal and written communication skills.
  • Abilities required:
    • Apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
    • Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
  • Knowledge required:
    • Computer networking concepts and protocols.
    • Cyber threats and vulnerabilities
    • Incident categories, responses and timelines.
    • System and application security threats and vulnerabilities.
    • Security service provider reporting structure and processes.
    • Defence-in-depth principles and network security architecture.
    • Common attack vectors.
    • Cyber-attack stages.
  • Skills required:
    • Detect host and network based intrusions.
    • Collect data from a variety of cyber defence resources.
    • Recognize and categorize types of vulnerabilities and associated attacks.
    • Protect a network against malware.
    • Read and interpret detection signatures.