Cyber Security
M2 TALENTS PTE. LTD.
Scope of Work (SOW) - ATFM Security
Team
1. Objective
To provide Security Support Services for the ATFM environment, leveraging key security technologies including Splunk, CyberArk, Trellix, CarbonBlack, and ensuring compliance, threat monitoring, and incident response in coordination with internal and external stakeholders.
2. Team Composition
Provide manage resources by providing 24/7 standby support through rotational shifts or on-call arrangements to ensure continuous security monitoring and incident response. Managed resources should consist of a minimum of 3 resources :-
Roles Job Description
Team Lead
Responsible for oversight, reporting, stakeholder coordination, and escalation management
- Report to Service Delivery Manager and Network Operation manager.
- Need to familiar will security products (refer to Technical Skill requirement)
- Lead the Security Service Support Team and work closely with FM Team to the day-to-day operation and upgrade plan.
- Work closely with ACISO (Assistant Chief Information Security Officer on Security policy enforcement, Compliance issue resolution and Audit support.
- Submit Monthly Security Reports covering: Summary of incidents, Treat trends, Compliance status & Recommendations for improvement
- Provide Ad-hoc reports upon request for specific incidents or investigations.
- Conduct regular account reviews and logs analysis with FM Team
- Respond to and follow up on security queries and incidents raised by HTSOC or GSOC.
- Work with FM team to update Risk register for EOSL, outdated patching or any non-compliance issue.
- VAPT (Vulnerability Assessment & Penetration Testing) for remediation follow-ups
Engineers
Responsible for day-to-day operations, monitoring, analysis, and remediation activities.
- Report to Security Team Lead
- Need to familiar will security products (refer to Technical Skill requirement)
- Monitor alerts and anomalies using Splunk dashboards and Trellix/CarbonBlack threat feeds.
- Work closely with FM Team to the day-to-day operation and upgrade plan
- Perform and Coordinate Upgrade of the security products
- Submit Monthly Security Reports covering: Summary of incidents, Treat trends, Compliance status & Recommendations for improvement
- Provide Ad-hoc reports upon request for specific incidents or investigations.
- Conduct regular account reviews and logs analysis with FM Team
- Respond to and follow up on security queries and incidents raised by HTSOC or GSOC.
- Work with FM team to update Risk register for EOSL, outdated patching or any non-compliance issue.
- VAPT (Vulnerability Assessment & Penetration Testing) for remediation follow-ups
3. Technical Skill Requirements
Personnel must possess hands-on experience and certifications (where applicable) in the following technologies:
Product & Skills
Description
Splunk: SIEM operations, log analysis, dashboard creation, alert tuning
CyberArk: Privileged Access Management, account lifecycle management, vault operations.
Trellix: Endpoint protection, threat detection, and response.
Carbon Black: Endpoint detection and response (EDR), malware analysis, threat hunting.
Security & Compliance Framework: Familiarity with ICA cybersecurity practices, compliance frameworks, and VAPT processes.
5. Service Level Agreement
Service Level Agreement
- 24/7 Standby with Escalation Procedure.
- Activated based on Incident or Client request
Response Time
- 30 mins responses times
Resolution Time
- Based on what are the system SLA subscribe by client (i.e. 1 Hour, 2 Hour and 4 hours, 8 hours)
6. Deliverables
- Monthly Security Report (PDF/Excel format)
- Incident Response Logs and Follow-up Reports
- Risk Register Updates
- VAPT Remediation Tracking Sheet
- Stakeholder Meeting Minutes (if applicable)
- Account review report
- ABLR and HTSOC report
Team
1. Objective
To provide Security Support Services for the ATFM environment, leveraging key security technologies including Splunk, CyberArk, Trellix, CarbonBlack, and ensuring compliance, threat monitoring, and incident response in coordination with internal and external stakeholders.
2. Team Composition
Provide manage resources by providing 24/7 standby support through rotational shifts or on-call arrangements to ensure continuous security monitoring and incident response. Managed resources should consist of a minimum of 3 resources :-
Roles Job Description
Team Lead
Responsible for oversight, reporting, stakeholder coordination, and escalation management
- Report to Service Delivery Manager and Network Operation manager.
- Need to familiar will security products (refer to Technical Skill requirement)
- Lead the Security Service Support Team and work closely with FM Team to the day-to-day operation and upgrade plan.
- Work closely with ACISO (Assistant Chief Information Security Officer on Security policy enforcement, Compliance issue resolution and Audit support.
- Submit Monthly Security Reports covering: Summary of incidents, Treat trends, Compliance status & Recommendations for improvement
- Provide Ad-hoc reports upon request for specific incidents or investigations.
- Conduct regular account reviews and logs analysis with FM Team
- Respond to and follow up on security queries and incidents raised by HTSOC or GSOC.
- Work with FM team to update Risk register for EOSL, outdated patching or any non-compliance issue.
- VAPT (Vulnerability Assessment & Penetration Testing) for remediation follow-ups
Engineers
Responsible for day-to-day operations, monitoring, analysis, and remediation activities.
- Report to Security Team Lead
- Need to familiar will security products (refer to Technical Skill requirement)
- Monitor alerts and anomalies using Splunk dashboards and Trellix/CarbonBlack threat feeds.
- Work closely with FM Team to the day-to-day operation and upgrade plan
- Perform and Coordinate Upgrade of the security products
- Submit Monthly Security Reports covering: Summary of incidents, Treat trends, Compliance status & Recommendations for improvement
- Provide Ad-hoc reports upon request for specific incidents or investigations.
- Conduct regular account reviews and logs analysis with FM Team
- Respond to and follow up on security queries and incidents raised by HTSOC or GSOC.
- Work with FM team to update Risk register for EOSL, outdated patching or any non-compliance issue.
- VAPT (Vulnerability Assessment & Penetration Testing) for remediation follow-ups
3. Technical Skill Requirements
Personnel must possess hands-on experience and certifications (where applicable) in the following technologies:
Product & Skills
Description
Splunk: SIEM operations, log analysis, dashboard creation, alert tuning
CyberArk: Privileged Access Management, account lifecycle management, vault operations.
Trellix: Endpoint protection, threat detection, and response.
Carbon Black: Endpoint detection and response (EDR), malware analysis, threat hunting.
Security & Compliance Framework: Familiarity with ICA cybersecurity practices, compliance frameworks, and VAPT processes.
5. Service Level Agreement
Service Level Agreement
- 24/7 Standby with Escalation Procedure.
- Activated based on Incident or Client request
Response Time
- 30 mins responses times
Resolution Time
- Based on what are the system SLA subscribe by client (i.e. 1 Hour, 2 Hour and 4 hours, 8 hours)
6. Deliverables
- Monthly Security Report (PDF/Excel format)
- Incident Response Logs and Follow-up Reports
- Risk Register Updates
- VAPT Remediation Tracking Sheet
- Stakeholder Meeting Minutes (if applicable)
- Account review report
- ABLR and HTSOC report
JOB SUMMARY
Cyber Security
M2 TALENTS PTE. LTD.
Singapore
5 days ago
N/A
Full-time
Cyber Security