Cyber Security Specialist, Incident Report
The Position:
The Cybersecurity Specialist, Incident Response is responsible for investigating security incidents as part of the Bank’s Cyber Security Incident Response Team (CSIRT) that may negatively impact the Bank, its customers, or partners (including hacking attempts, intrusions, malware infestations, mishandling of data/information, and other security threats). The Cybersecurity Specialist, Incident Response will further provide support during cyber incidents and investigations, and actively participate in threat hunting activities. The objective of this position is to ensure that the Bank can rapidly identify and effectively respond to cyber occurrences with minimal to no adverse impact on its data, information systems, technological infrastructure, reputation, customer confidence, or other tangible or intangible assets.
Key Responsibilities:
- Appropriately and practically defend the information enterprise in accordance with established policies, procedures, guidelines, and practices.
- Analyse security alerts and potential cybersecurity incidents to identify true security breaches.
- Create procedures, run books, high- and low-level documentation, processes and develop staff to respond to cybersecurity incidents more effectively.
- Investigate security breaches and make informed decisions towards containment, and recommendations for corrective action.
- Apply expertise in both endpoint and network analysis to ascertain the impact of an attack and develop threat trends and mitigation techniques and countermeasures that can prevent future attacks.
- Coordinate the analytic and investigative efforts of the Cyber Security Incident Response and Recovery Team (CSIRRT) along with any Technology incident response team as required during a critical cyber occurrence.
- Track emerging and realised threats including, but not limited to, mapping command-and-control infrastructure, investigating phishing campaigns, unearthing weaponised file/document techniques and patterns, as well as passing detection opportunities to the Cybersecurity Intelligence and Security Operations Centre (CISOC) and incident management teams.
- Research and provide technical security expertise on advanced persistent threats (APTs) affecting the financial services industry to senior management.
- Implement security improvements by assessing the current situation, evaluating trends, and anticipating requirements.
- Employ leading cybersecurity frameworks (like MITRE adversarial tactics, techniques, and common knowledge, National Institute of Standards and Technology Cybersecurity Framework, ISO 27001) to identify, counter and mitigate threats through the process of threat modelling.
The Person:
For the above position, the successful applicant should meet the following criteria:
- Information Technology / Computer Science / Telecommunications / Engineering / (Electrical, Electronic) or related field
- Security certification such as: Certified SOC Analyst (CSA), Certified Incident Handler (E|CIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Security+.
- Have a minimum of 5 years’ experience in Technology with at least 2 years’ experience in Cybersecurity and 1 year’s experience in Security Operations Centre / Security Monitoring.
How to Apply
The above position is a demanding role for which the Bank will provide a competitive remuneration package to the successful candidate. If you believe you can clearly demonstrate your abilities to meet the criteria given above, please log in to our Recruitment portal and submit your application with a detailed CV.
To be considered, your application must be received by Friday 2nd December 2022.
Qualified candidates with disability are encouraged to apply.
Only short-listed candidates will be contacted.