Manager, Cyber Threat Intelligence & Fusion Centre - Bukit Merah

Summary of the role

The mission of MBS CSOC is to protect and defend MBS against cyber-attacks targeting the gaming, retail and hospitality sector.

The candidate builds, leads and supervises daily cyber threat horizon scanning operation for MBS. For every applicable cyber threat, the candidate is expected to lead the operation to assess and coordinate dissemination, track follow up and defensive / mitigative measures, and to provide reporting as per MITRE Cyber Threat Informed Defence framework.

All duties are to be performed in accordance with the department and Marina Bay Sands’ policies, practices and procedures.

• Consistent and regular attendance is an essential function of this job.
• Ensure relevant external cyber threat information is detected, responded and / or escalated in a timely fashion.
• Ensure external cyber threat information tools / subscriptions are maintained, reviewed and effective in detecting external cyber threat information.
• Ensure process runbooks are reviewed and updated timely.
• Ensure metrics and trending are collected, reviewed and analyzed timely.
• Coordinate with other stakeholders to track and resolve findings, where required.
• Performs other related duties as assigned

• Degree or Diploma in Cybersecurity
• Professional cyber related membership and certification is required

• 5-10 years of work experience in technical cyber threat intelligence operations, incident response investigation and / or malware analysis.

• Proven effective verbal and written communication skills

• Facilitate continuously updated intelligence, surveillance, and visualization input to common operational picture managers
• Identify intelligence gaps and shortfalls
• Monitor open source websites for hostile content directed towards organizational or partner interests
• Identify cyber threat tactics and methodologies
• Identify and characterize intrusion activities against a victim or target
• Determine effectiveness of intelligence collection operations
• Recommend adjustments to intelligence collection strategies
• Develop cyber operations indicators
• Coordinate all-source collection activities
• Validate all-source collection requirements and plans
• Prepare threat and target briefings
• Identify intelligence requirements
• Modify collection requirements
• Determine effectiveness of collection requirements
• Monitor changes to designated cyber operations warning problem sets
• Report on adversarial activities that fulfill priority information requirements
• Prepare cyber operations intelligence reports
• Prepare indications and warnings intelligence reports
• Assess effectiveness of intelligence production
• Assess effectiveness of intelligence reporting
• Provide intelligence analysis and support
• Notify appropriate personnel of imminent hostile intentions or activities
• Determine if intelligence requirements and collection plans are accurate and up-to-date

• Intelligence collection capabilities and applications
• Intelligence requirements tasking systems and software
• Intelligence information repositories
• Threat intelligence principles and practices
• Operations security (OPSEC) principles and practices
• Target development principles and practices
• Target research tools and techniques
• Priority intelligence requirements
• Intelligence fusion
• Adversarial tactics principles and practices
• Adversarial tactics tools and techniques
• Threat vector characteristics
• Cyber attack stages
• Cyber intrusion activity phases
• Malware analysis tools and techniques
• Malware analysis principles and practices
• Cyber-attack tools and techniques
• Denial and deception tools and techniques

• Conducting non-attributable research
• Creating target intelligence products
• Conducting deep web research
• Performing target analysis
• Identifying intelligence gaps
• Conducting open-source searches
• Converting intelligence requirements into intelligence production tasks
• Developing collection strategies

• Thrive in a fast-paced, dynamic and global working environment.
• Adapt and adjust to priorities quickly as circumstances dictate while completing tasks within established time frames
• Establish and maintain cooperative working relationships with fellow Team Members, management, outside contacts, guests and the public.
• Meet the basic physical requirements of an office environment including moving freely and frequently about an office, accessing computers and related technologies using peripheral equipment and operating other office equipment.
• Maintain composure under pressure and consistently meet deadlines with internal and external stakeholders.