Manager, Cyber Security (Threat Mgmt)

Job Purpose
In an increasingly complex cyber threat landscape, the Manager, Threat Management is responsible for establishing and leading SMRT’s cyber threat management function. The role focuses on identifying, analysing and managing emerging cyber threats to strengthen the organisation’s cyber defence posture. This includes building robust threat management capabilities, driving threat-informed decision-making, and ensuring stakeholders are equipped with timely, relevant and actionable threat insights.
Responsibilities
As Manager, Threat Management, you will lead the design, implementation and operationalisation of SMRT’s threat management programme. Your responsibilities include:
• Lead and operationalise SMRT’s Cyber Threat Management strategy, ensuring alignment with organisational security objectives.
• Analyse threat actors, campaigns, tactics, techniques and procedures (TTPs), producing countermeasures, detection logic, or mitigation plans.
• Operationalise threat management by collaborating with SOC, threat intel, incident response, vulnerability management and other cybersecurity teams.
• Provide actionable insights to guide cyber defence enhancements, incident response activities and executive risk discussions.
• Manage the Threat Intelligence Platform (TIP) to ensure seamless integration with SIEM and SOAR.
• Contextualise global threat trends and emerging adversary TTPs against SMRT’s specific attack surface to proactively identify exposures and drive preventive remediation before exploitation occurs.
• Manage the technical operationalisation of intelligence sharing channels with government agencies and industry partners, ensuring the timely ingestion, curation, and dissemination of threat data to internal teams.
• Ensure threat management processes, tools and platforms meet organisational needs and regulatory expectations.
• Lead continuous maturity improvement of the cyber threat management function through capability development, staff training and process optimisation.
Qualifications & Work Experience
• A bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related discipline.
• 5-10 years of relevant experience in threat management, threat hunting, incident response, red teaming, cybersecurity operations, or equivalent intelligence-driven security roles.
• Strong understanding of threat actor behaviours, tactics, techniques and procedures (TTPs), and threat modelling frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain).
• Hands-on experience working with threat management tools (e.g. External Attack Surface Monitoring (EASM) platforms, threat feeds, OSINT tools, TIPs, malware analysis tools, and enrichment technologies) will be advantageous.
• Familiarity with security operations, incident response, and vulnerability management workflows, enabling effective intelligence operationalisation.
• Knowledge of regulatory requirements including the Cybersecurity Code of Practice (CCoP), Personal Data Protection Act (PDPA), and sector-specific standards is advantageous.
• Industry certifications are advantageous (e.g., GCTI, GREM, GCIA, CISSP, CISM, CEH, FOR508/Threat Hunting, SANS intelligence‑related certifications).
Skills
Technical skills include:
• Expert knowledge of methodologies to continuously map and monitor the organisation’s digital footprint (including shadow IT), while identifying, prioritising, and validating exposures (vulnerabilities, misconfigurations, and attack pathways) for effective remediation.
• Ability to apply threat modelling frameworks (e.g., STRIDE, PASTA) to business systems and translate technical vulnerabilities into quantified business risk for effective remediation prioritisation.
• Proficiency in performing hypothesis-driven threat hunts using available internal telemetry (SIEM, EDR) and correlating findings with attack surface exposures to validate potential breach vectors and identify stealthy intrusions.
• Proficiency with threat management tools and platforms, including SIEM/SOAR/EASM platforms, threat feeds, OSINT frameworks, enrichment tools, malware sandboxes, and automated analysis technologies.
Core Competencies include:
• Ability to "think like an attacker" to proactively identify hidden attack vectors and logic flaws that standard compliance scans might miss.
• Skill in translating technical vulnerabilities into quantifiable business risks to justify resource allocation and prioritise remediation efforts for system owners.
• Capability to make rapid, risk-based decisions during active threat hunting operations.
• High integrity and discretion in handling sensitive information.
• Ability to pivot defensive priorities quickly based on intelligence directives, ensuring the organisation’s attack surface is hardened against the latest relevant TTPs.
• Proactive and collaborative mindset, with a commitment to continuous improvement.
SMRT Trains Ltd was incorporated in 1987 and operates Singapore’s first mass rapid transit system. Today, we manage and operate train services on the North-South Line, East-West Line, the Circle Line, the Thomson-East Coast Line, and the Bukit Panjang Light Rail Transit. With over 5,000 employees, more than 250 trains, and 141 km of rail tracks across 108 stations, we serve millions of commuters daily.